A malware attack is suspected in a recent Barnes & Noble data breach that exposed customer information. The attack also led to some customers not being able to access their e-reader Nook libraries and the temporary shutdown of cash registers at the bookstores’ physical locations.
Barnes & Noble officials said the cyberattack took place earlier this month with unauthorized users gaining access to the corporate systems. The bookseller originally called the issue a “system failure” and later confirmed the cyberattack.
Along with affecting the Nook libraries, the data breach exposed customers’ personal information, including names, email addresses, billing addresses and telephone numbers. This information can be used in phishing attacks that aim to gather personal and financial data.
Company officials said no payment card or other financial information was put at risk. They said payment information is encrypted and tokenized.
“We take the security of our IT systems extremely seriously and regret sincerely that this incident has occurred. We know also that it is concerning and inconvenient to receive notices such as this,” company officials said in an email to customers.
The company did not release the number of customers possibly affected in the data breach.