Barnes & Noble confirms cyberattack, ransomware group leaks allegedly stolen data
On October 20, 2020 Barnes and Noble confirmed that a cyber attack impacted Nook services and exposed customer data. Over the weekend customers reported multiple instances of outages. Customers were not able to access their nook library and their previous purchases were no longer recorded. The Outage also affected physical assets such as cash register. There is speculation that Barns and Noble could be infected with malware that affects point of sale systems (POS) . Customer email addresses, billing and shipping addresses, telephone numbers, and transaction histories may have been exposed during the breach. The article mentioned that the bookseller’s VPN servers were previously vulnerable to CVE-2019-11510, an arbitrary read vulnerability.Security flaws like this can be used to compromise corporate networks and deploy payloads, including ransomware.