Attack on Barnes & Noble: Personal data exposed

Attack on Barnes & Noble: Personal data exposed
For days, the online store and Barnes & Noble services were inaccessible or malfunctioning. There were also several reports regarding the inability to make payments within the physical stores managed by the company overseas. It is the result of an attack confirmed today by the group with an official statement of which we report below some extracts in translated form.

With the greatest regret we inform you that we have learned that on 10 October Barnes & Noble was the victim of an attack resulting in unauthorized and illegal access to certain systems.

Barnes & Noble confirms the attack and breach

The company refers to the possible exposure of personal data such as email addresses, home addresses and telephone numbers. On the other hand, those regarding payment methods are safe.

First of all we want to reassure you that no data relating to payment cards or other financial information have been compromised. They are encrypted, token-managed and not accessible. However, the affected systems contained email addresses and, if provided, shipping and billing addresses as well as telephone numbers.

As a result of the incident, customers could end up in the crosshairs of spam or phishing campaigns. The invitation is therefore to pay the utmost attention.

We also keep the history of transactions or information about purchases for books and other products ... It is possible that your email address has been exposed and, as a result , you may receive unsolicited messages.

Barnes & Noble did not provide any details regarding the nature of the attack. Considering the methods and the need to keep all services offline for several days in order to restore them from backups, it is not excluded that it may be a ransomware, a type of computer threat that is claiming victims more and more frequently.

Source: The Register

No comments:

Powered by Blogger.