Barnes & Noble, an American bookseller among the Fortune 100 company just confirmed that they have been breached by a cyberattack, and suspected customer data has been leaked.
The American book store with a million titles at a time for distribution, started it’s an online e-reader and selling service in 2009 as “Nook”, to keep up with the shift in literature trend from traditional books to digital e-books.
During the weekend, Nook’s users went on outrage on social media as the e-reader suffered an outage. Customers were unable to access their library, their history an,d purchases gone, some faced connectivity issues and other technical problems.
The outage spread to Barnes & Noble stores where cash registers were out of function.
This lead to the speculation that the issue might not be glitch or server related but a Point-of-Sale (PoS) cyber attack or malware infection.
The organization was able to resolve the issue by Tuesday and Nook publically acknowledged the connectivity and server issue on Wednesday.
They said that a “system failure” was at fault and the backhand engineers were working to “get all Nook services back to full operation.”
“Unfortunately, it has taken longer than anticipated,” Nook continued. “We sincerely apologize for this inconvenience and frustration.”
Though, now Barnes & Noble has confirmed that the glitch was indeed due to a cyber attack.
In an email, the bookseller said that on October 10, “Barnes & Noble was the victim of intrusion, leading to unauthorized and unlawful access to certain Barnes & Noble corporate systems.”
ZDNet reports that “Customer email addresses, billing and shipping addresses, telephone numbers, and transaction histories may have been exposed during the breach.”
“We currently have no evidence of the exposure of any of this data, but we cannot at this stage rule out the possibility,” the company added.
The company assures that no financial data “encrypted or tokenized” was compromised. The bookstore firm did not escalate or reveal how many customers were impacted by the breach but they warned that the accessed emails might become subjected to phishing campaigns.