AskCyberSecurity.com

Cyber Security News & Information

AskCyber Home » News » Data Breach » Barnes & Noble Data Breach Exposed Customer Details

Barnes & Noble Data Breach Exposed Customer Details

by

Barnes Noble Data Breach

Bookseller Confirms Cyberattack Exposed Consumer Information

Barnes & Noble Booksellers revealed that a data breach exposed customer data to the attackers. The data breach, which was initially reported as a network outage, was said to be a cyberattack in a statement emailed to customers yesterday.

The attackers stole customer emails, shipping and billing addresses as well as phone numbers. Customer purchase histories were also exposed in the data breach.

No customer payment card numbers were compromised in the cyber attack. However, some Barnes & Noble customers have already begun complaining about unauthorized charges on their credit cards, according to GoodReader.

On October 10th, Barnes & Noble customers took to social media to complain that they were unable to access their e-books or other purchased reading materials. Customer libraries and wish lists were blank both online at BN.com and on NOOK readers.

The incident affected Nook readers as well as Nook apps for Android and iOS.

Barnes & Noble initially said they had a systems failure. But on October 14, the company sent emails to customers stating that they had suffered a cyberattack. The cyber security incident occurred on October 10th.

Barnes & Noble Data Breach eMail – Credit: GoodReads

Barnes & Noble – What Do I Do?

It’s unfortunately quite common for people to use the same password across multiple online accounts. When a seemingly innocuous password like that used for your Barnes and Noble account is stolen, it can be exploited to hack into your bank account or credit card.

The Most Common Hacked Passwords

Cybercriminals aggregate sensitive data stolen during multiple data breaches. They assemble profiles of people’s information – including emails, names, addresses, and passwords from multiple online accounts. They then take low-level username and password combinations  – like those used for social media accounts for example – in an attempt to break into more valuable accounts like credit cards and bank accounts.

  1. Barnes & Noble customers should change their online account passwords immediately. Use a new and unique password for this online account.
  2. Enable two-factor authentication (2FA) or better yet multi-factor authentication (MFA) for any online account that allows it. This adds an additional layer of security to help prevent a hacker from stealing your account information.
  3. Always use a unique and hard-to-guess password for each and every online account. If you have trouble creating and remembering individual passwords for each account you have, try using a password manager to help you store them.
  4. Use an authentication app like Google Authenticator (it’s free) to help secure an online account.

About Barnes & Noble

Barnes & Noble is a US-based bookstore headquartered in New York NY. The company has over 600 retail locations all of which are in the United States. The company also sells a popular Nook reading tablet so customers can download purchases to read.

The company was previously impacted by a data breach in 2012. In that incident, cybercriminal stole payment card information from customers who had shopped at physical retail locations.

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers