CALL 916-777-7777
Youtube Facebook-f X-twitter Linkedin-in

Barnes & Noble Data Breach

Posted on behalf of Arnold Law Firm in
data breach of electronic booksOn October 10, 2020, Barnes & Noble discovered an unauthorized party gained unlawful access to certain corporate systems. The American bookselling giant has not disclosed how many customers may have been impacted by the data breach. Barnes & Noble claims that there was no compromise of payment cards or other financial data, because this type of information is encrypted and tokenized. However, customer details that may have been exposed in the cybersecurity attack include:
  • first and last names
  • email addresses
  • billing and shipping addresses
  • telephone numbers
  • transaction history
The book retailer has notified customers of the security incident, warning that they may receive unsolicited emails, a concern because those emails could be part of phishing campaigns to obtain passwords or deliver malware. Although not valuable to hackers on its own, basic personal information can be combined with other details to create full profiles of people. Hackers can use the combined information to steal identities and generate fraudulent transactions. The Barnes & Noble data breach appears to be related to a recent system failure that disrupted NOOK e-book services and angered consumers over the weekend prior. Customers complained on social media about connectivity issues, interrupted access to NOOK libraries, and deletion of previous purchase history. Security experts speculate that Barnes & Noble may have suffered a ransomware attack, possibly involving the exfiltration of data from compromised servers. Barnes & Noble was reportedly running unpatched Pulse Secure VPN servers with a security hole known to be used to steal usernames and passwords, which gives hackers easy access into aac company’s internal network to install ransomware. In August, ZDNet reported that a Russian-speaking hacking forum distributed usernames and passwords for over 900 Pulse Secure VPN enterprise servers – including Barnes & Noble. Founded in 1971 in New York City, Barnes & Noble claims to be the world’s largest retail bookseller and a leading retailer of content, digital media and educational products. Owned by Elliott Advisors (UK) Limited, the company operates over 600 locations across the nation. In its 2019 fiscal year, Barnes & Noble reported revenue of $3.48 billion.

If you received a NOTICE OF DATA BREACH that involves financial or highly sensitive information, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible developing legal options with a Sacramento data breach attorney.

Settlement - $3,767,000

Truck Accident

A 20-year-old man who had been married for just 12 days left home on his way to work. He was driving on Pleasant Grove Road in Sutter County in the early morning when he came upon a slow-moving truck. As he pulled out to pass the truck, the truck driver turned left in front of him. The young man attempted to steer back into his lane but his vehicle struck an un-flagged piece of metal extending from the back of the truck. He died in the resulting crash.

Expert witnesses brought in by the Arnold Law Firm proved that the truck, owned and operated by a hauling firm, should never have been on the highway that morning. Specifically, the rear and side turn signals did not work and the rear-view mirror was in a poor state of adjustment at the time of the collision. As a result, the driver, who had failed to properly inspect the vehicle before setting out that morning, couldn’t see the young man’s vehicle as it attempted to pass.

The poor condition of the truck, its lack of maintenance and the manner in which it was operated were found to be substantial factors in causing the collision that killed the young man. The testimony also established that the man had been making a lawful pass at the lawful speed limit and acted reasonably when he attempted to avoid the collision.

The man’s 20-year-old widow was awarded $3,767,000.77, his parents were awarded $185,131 and the family was reimbursed $11,899 in funeral expenses. Though money is a poor substitute for a young man’s life, this verdict demonstrates that drivers who endanger the lives of others will be held accountable for their actions.