Book chain Barnes & Noble has suffered a cyber security attack, possibly exposing email addresses and other data on customers.
The company sent an email to customers last Thursday, saying that it had learned on October 10 that there had been “unauthorized and unlawful access to certain Barnes & Noble corporate systems.”
Payment card numbers and other financial data were not compromised, the company adds. However, telephone numbers and billing and shipping addresses may have been accessed.
“We write now out of the greatest caution to let you know how this may have exposed some of the information we hold of your personal details.”
This incident closely followed an outage affecting Nook, the retailer’s online library. Nook informed readers last week that the problem was due to a system failure.
However, outside reports blame both issues on a ransomware attack.
Nook users reportedly were unable to access their online book libraries and magazine subscriptions.
In an FAQ, Barnes & Noble states: “Your email was not compromised as a result of this attack. However, it is possible that your email address was exposed and, as a result, you may receive unsolicited emails.”
It continues that while “we do not know if any personal information was exposed as a result of the attack, we do retain in the impacted systems your billing and shipping addresses, your email address and your telephone number if you have supplied these.”
The impacted systems also contain “your transaction history, meaning purchase information related to the books and other products that you have bought from us,” the company adds.