Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Barnes & Noble Warns Customers About Data Breach
Famed bookseller says non-financial data was exposed in a new attack.
1 Min Read
Barnes & Noble has notified customers that its systems were breached, placing their personal information at risk.
The notification comes on the heels of a "system failure" that led to users of Nook, Barnes and Noble's e-book reader, to lose access to their books and purchases on their mobile devices.
While Barnes & Noble has yet to offer details on the breach, a blog post at Tripwire says that, according to researcher Troy Mursch, Barnes & Noble has been running Pulse Secure VPN servers for months that have not been patched against the critical CVE-2019-11510 vulnerability. In August, ZDnet reported that hundreds of usernames and passwords for Pulse Secure enterprise VPN servers -- including those of Barnes & Noble -- had been posted on Russian Dark Web markets.
No financial or payment information was exposed in the breach, but customer names, email and shipping addresses, and order histories, were. This type of non-financial information is often used by cybercriminals to build compelling text for spear-phishing campaigns.
For more, read here.
About the Author
You May Also Like
More Insights
