From The Digital Reader:
Barnes & Noble is going through the mother of all system crashes right now.
Some time late Friday night or early Saturday morning the retailer’s entire IT backbone crashed, and it took almost all of the company’s functionality with it. Everything from the cash registers to the catalog lookup is down. Even the Nook platform is down.
What’s even worse is that it’s Tuesday morning, and everything is still borked. I just checked the B&N website, and while I can see the site I cannot log in, much less buy anything. I also cannot access any of the Nook features.
UPDATE: B&N’s systems are mostly back up around 3 pm eastern.
There are unconfirmed reports on Reddit that B&N has been attacked by a virus or other malware. Given that we are now on day four of this situation, it is more than likely that they are correct.
Link to the rest at The Digital Reader
When PG just checked the Barnes & Noble website, he found the following at the B&N Help Center:
We apologize for a system failure which is interrupting access to NOOK content for some users. We are working urgently now to get all NOOK Services back to full operation as soon as possible. We apologize once again and will post an update once systems are restored.
PG couldn’t find any reference to the systems problem on the BN home page.
PG first saw a mention of a huge Barnes & Noble system failure on October 10 on Good EReader. He held up on any post because he couldn’t find anything on the Barnes & Noble website or elsewhere online via Google search about any problems.
PG would love to know if Barnes & Noble sent out a notice to its Nook customers or otherwise notified readers about the problem.
For those unfamiliar with US business computing standards, a three-day outage of a company’s entire computer system (including the one used at all US Barnes & Noble retail stores) almost certainly qualifies as technology malpractice of a high order.
If it failed to do so, then, in PG’s electronically-humble opinion, Barnes & Noble has displayed total and complete ham-handedness, not only in failing to protect its entire IT infrastructure from a single-point-of-failure disaster, but also failing to take the most fundamental step toward handling an outage that interfered with the end-user experience of its Nook users.
Where was super-hero Barnes & Noble British CEO during all of this? PG searched for James Daunt’s name on Google for the last week and found lots of mentions, but nothing that Daunt had said about the Barnes & Noble disaster.
Not exactly an example of good crisis management.
During the process of looking for evidence Daunt had any idea what to do (or even knew) about the Barnes & Noble systems failure, PG learned that Barnes & Noble closed down a large bookstore in Evanston, Illinois, a few months ago.
PG has a lot of knowledge about Evanston, having lived there for several years, and he was more than a little surprised at this closure.
A few details:
- Evanston is an upscale suburb north of Chicago that is full of wealthy people, many of which are well-educated and who have plenty of money to spend on books and other consumer goods.
- Evanston is the home of Northwestern University, a highly-rated educational institution where a lot of wealthy people from all over the world send their children to be educated. Many of these students might be expected to have both the time and inclination to buy books.
- Northwestern faculty are more highly-paid than your typical college professors and teachers and one would expect that they would also be regular patrons of a local bookstore.
In sort, if Barnes & Noble isn’t able to succeed in Evanston, PG doesn’t know exactly where in the United States very many Barnes & Noble stores will be able to succeed.
Barnes & Noble’s former landlord was Northwestern Medicine, a large medical services provider that is associated with the Northwestern University Medical School.
PG couldn’t find any indication that the landlord was trying to push Barnes & Noble out, but the space formerly occupied by Barnes & Noble was reportedly going to be used for additional Northwestern Medicine facilities.
PG wonders if Barnes & Noble is able to afford to have bookstores closed to its best customers any more.
Received in my email 12:06 AM 10/15…
Dear Barnes & Noble Customer,
It is with the greatest regret we inform you that we were made aware on October 10, 2020 that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems.
We write now out of the greatest caution to let you know how this may have exposed some of the information we hold of your personal details.
Firstly, to reassure you, there has been no compromise of payment card or other such financial data. These are encrypted and tokenized and not accessible. The systems impacted, however, did contain your email address and, if supplied by you, your billing and shipping address and telephone number. We currently have no evidence of the exposure of any of this data, but we cannot at this stage rule out the possibility. We give below answers to some frequently asked questions.
We take the security of our IT systems extremely seriously and regret sincerely that this incident has occurred. We know also that it is concerning and inconvenient to receive notices such as this. We greatly appreciate your understanding and thank you for being a Barnes & Noble customer.
Barnes & Noble
FAQ
1. Have my payment details been exposed?
No, your payment details have not been exposed. Barnes & Noble uses technology that encrypts all credit cards and at no time is there any unencrypted payment information in any Barnes & Noble system.
2. Could a transaction be made without my authorization?
No, no financial information was accessible. It is always encrypted and tokenized.
3. Was my email compromised?
No. Your email was not compromised as a result of this attack. However, it is possible that your email address was exposed and, as a result, you may receive unsolicited emails.
4. Was any personal information exposed due to the attack?
While we do not know if any personal information was exposed as a result of the attack, we do retain in the impacted systems your billing and shipping addresses, your email address and your telephone number if you have supplied these.
5. Do you retain any other information in the impacted systems?
Yes, we also retain your transaction history, meaning purchase information related to the books and other products that you have bought from us.
BTW, Nate makes a good point that you should look extra careful at any credit card you have that might be linked to a Barnes and Noble account.
I saw somebody wondering why none of the major tech news sites noticed a four day Nook attack.
(They did notice when somebody got the latest version of DOOM running on a Samsung fridge. Via the Microsoft game streaming app for android.)
All the tech sites noticed immediately when Garmin went down a few months ago. Very similar pattern, Friday night all of Garmin’s systems went down. 4 Days later Garmin payed the blackmail money and started getting systems online.
I strongly suspect B&N is going to have a 10 million dollar write off on their taxes this quarter.
Pay your IT people and invest in security. It costs less in the long run.
I wonder how long they went without being able to fulfill Nook purchases – or online purchases through BN.com. I wonder how many people were actually inconvenienced.
I note that a news search for Barnes and Noble outage returns only 2 matches, neither from any actual news source.
Re: the Evanston B&N.
I noticed this in an article…
Notice how she didn’t say she was sad because it was where she bought books.
Then there was this…
There are other bookstores in town. The college is only half open. The lease was up. As we know, they would normally have had to sign another lease at market rate for another 10 years. Time to get off the pot.