Security News > 2020 > October > Barnes & Noble Hack: A Reading List for Phishers and Crooks
UPDATE. Barnes & Noble is warning that it has been hacked, potentially exposing personal data for shoppers - and offering phishers an early holiday gift.
In any event, Barnes & Noble said that its IT team "Doesn't know" yet if customer info was exposed, but the systems that were hit contained personal data, so it may have been.
As far as only the financial data - and not the personal data - being encrypted, Mark Bower, senior vice president at comforte AG, told Threatpost that this approach is all too common.
"Fundamentally, organizations have an increasing obligation to their customers to secure a lot more than just the minimum. Privacy regulations like California Consumer Privacy Act are transferring increasing data rights to citizens over data management and security, and today, business leaders have to consider personal data as a trusted donation, not just data acquisition."
Even without credit-card or full identity fraud in the offing, the data is all that's needed for crooks and phishers to mount convincing, personalized email campaigns bent on harvesting credentials or financial data.
News URL
https://threatpost.com/barnes-noble-hack-phishers-crooks/160148/