‘Barnes & Noble’ Likely Hit by Client Data Stealing Ransomware

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

American bookstore chain ‘Barnes & Noble’ has had a cybersecurity incident that looks like a ransomware attack. While the firm operates 627 physical retail stores in fifty US states, they also run an eBook and e-Reader platform called “Nook Digital.”

A couple of days ago, that service was taken down with no official explanation, with users who had bought books and magazines not being able to access their content. When they did manage to access the platform, all they got was an empty library.

Yesterday, the service sent emails to their Nook customers to acknowledge the service interruption and assure them that a backup restoration process is underway. Until this is completed, the clients will have to be patient since they won’t be able to access the stuff they paid for. When the service is back to normal operational status, all of the affected customers will receive a coupon for the inconvenience.

Restoring from backup servers definitely sounds like something to do after a ransomware attack, but Barnes & Noble hasn’t given any more details about what interrupted their service. However, today, they’ve provided a statement to the media where they mentioned unauthorized and unlawful access to certain corporate systems. This may have exposed customer email addresses, billing details, shipping addresses, telephone numbers, and transaction histories.

Before you panic, Barnes & Noble stated that the clients’ financial information was encrypted and tokenized as a security precaution, so even if the hackers stole them, they wouldn’t have a way to read it. They also said they see no evidence that the data has been exposed anywhere - but this may happen in the future, of course.

Following this disclosure, ‘Bad Packets’ said that in one of their recent scans, Barnes & Noble’s Pulse VPN servers came out vulnerable to CVE-2019-11510. Exploiting this flaw could have led to network account credentials takeover, information access, lateral movement, and more. This is a flaw that has “burned” many firms since August 2019, but somehow, there are still unpatched systems running out there.

The Nook service is still down right now, so the bookstore could be dealing with absurd ransom demands. If you are using Nook and still have access to your files, do not reboot your device and do not clear your app’s cache. Finally, you should not try to buy anything new from the online store for the moment. The Barnes & Nobles’ support team has been overwhelmed already, so you should stay calm and be patient.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: