U.S. Bookstore giant Barnes & Noble hit by cyberattack

U.S. Bookstore giant Barnes & Noble has disclosed a cyber attack and that the threat actors have exposed the customers’ data.

Barnes & Noble, Inc., is an American bookseller with the largest number of retail outlets in the United States in fifty states.

The bookseller also operated the Nook Digital, which is a spin-off division that sells eBook and e-Reader platform.

Over the weekend, users have been complaining on Nook’s Facebook page and Twitter that they were not able to access their library of purchased eBooks and magazine subscriptions.

A series of messages published on Barnes & Noble’s Nook social media accounts state that it had suffered a system failure and is working to restore operations by restoring their server backups.

In a statement to Fast Company Barnes & Noble confirmed that financial data of its customers were not compromised.

“We have a serious network issue and are in the process of restoring our server backups,” Barnes & Noble told Fast Company in a statement. “Our systems are back online in our stores and on BN.com, and we are investigating the cause. Please be assured that there is no compromise of customer payment details, which are encrypted and tokenized.”

In a series of updates, GoodReader revealed that according to store managers Barnes & Noble had a “virus in their networks”

“Various Barnes and Noble Store managers have contacted me and stated that there is a virus in their networks. It intitially came down from the corporate and filtered down to the stores and also affected the Nook. Cash registers, in physical bookstores are attached to the same network, so no orders can be placed or processed.” states GoodReader. “Some people in the comment section said some of their Nook accounts have been compromised and their credit cards are being used by third parties. The Nook Cloud continues to be down, you can’t sync or access it on the Nook e-reader or the Nook apps, so you can’t see any of the purchases you might have made in the past week.”

BleepingComputer confirmed that the company was hit by a cyber attack on October 10th, 2020, and cited as a source an email sent to customers late Wednesday night that is has seen.

Threat actors compromised the network of Barnes & Noble and gained access to its corporate systems.

“It is with the greatest regret we inform you that we were made aware on October 10, 2020 that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems.” reads the email sent to the customers.

“We write now out of the greatest caution to let you know how this may have exposed some of the information we hold of your personal details,” Barnes & Noble stated in their email.”

The company revealed that hackers had access to customers’ email addresses, billing addresses, shipping addresses, and purchase history.

At the time of writing this post, the company hasn’t provided details of the attack, such as the family of malware that infected its systems. Information shared about the cyber attacks suggests that the company was the victim of a ransomware attack.

In August, the website ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. The experts pointed out that the list of Pulse VPN credentials, gathered by exploiting the CVE-2019-11510 flaw, also contained accounts belonging to Barnes & Noble.

Depending on the family of ransomware that allegedly infected the company systems we cannot exclude that ransomware operators will leak stolen data on a leak site to threaten Barnes & Noble.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]