HackDig : Dig high-quality web security articles for hackers

Barnes & Noble Warns Customers About Data Breach

2020-10-15 16:00
Famed bookseller says non-financial data was exposed in a new attack.

Barnes & Noble has notified customers that its systems were breached, placing their personal information at risk.

The notification comes on the heels of a "system failure" that led to users of Nook, Barnes and Noble's e-book reader, to lose access to their books and purchases on their mobile devices.

Related Content:

10 Years Since Stuxnet: Is Your Operational Technology Safe?

2020 State of Cybersecurity Operations and Incident Response

New on The Edge: What's Really Happening in Infosec Hiring Now?

While Barnes & Noble has yet to offer details on the breach, a blog post at Tripwire says that, according to researcher Troy Mursch, Barnes & Noble has been running Pulse Secure VPN servers for months that have not been patched against the critical CVE-2019-11510 vulnerability. In August, ZDnet reported that hundreds of usernames and passwords for Pulse Secure enterprise VPN servers -- including those of Barnes & Noble -- had been posted on Russian Dark Web markets.

No financial or payment information was exposed in the breach, but customer names, email and shipping addresses, and order histories, were. This type of non-financial information is often used by cybercriminals to build compelling text for spear-phishing campaigns.

For more, read here.


Source: -d/d/hcaerb-atad-tuoba-sremotsuc-snraw-elbon-dna-senrab/sehcaerb-skcatta/moc.gnidaerkrad.www

Read:231 | Comments:0 | Tags:No Tag

“Barnes & Noble Warns Customers About Data Breach”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools