Barnes and Noble, a bookselling retail giant, has publicly disclosed a cyberattack that occurred on October 10 and affected user information. The company is a Fortune 1000 organization and boasts the largest number of bookselling retail outlets in the US. During the security breach, malicious actors were able to access certain corporate systems through leveraging vulnerabilities promoting unauthorized access to protected content.
According to Barnes and Noble, payment card information and financial data have not been compromised but email addresses, billing and shipping addresses, phone numbers, and other personally identifiable information have been exposed. The systems impacted by the cyberattack have been retained by the bookselling giant although they store transaction history, which includes purchase information. Barnes and Noble have claimed that there is no evidence that this data was exposed in the attack.