Details remain sketchy

Ingram data breach resulted in theft of publishers' titles

One of the world’s largest book distributors has revealed that some titles have been illegally downloaded following a data breach of one of its digital content platforms.

Tennessee-based Ingram Content Group says the books were downloaded after a customer’s CoreSource account was subject to unauthorized access.

CoreSource is used by more than 37,000 publishers around the world to store, manage, and distribute ebooks, and print and audio books.

In a statement obtained by The Daily Swig, CoreSource – part of Ingram business unit Lightning Source – said it recently “learned that a CoreSource customer’s account was used for unauthorized downloads of some publishers’ titles”.

It added:

Immediately upon identifying the unauthorized access and suspect downloads, we launched a thorough investigation, took measures to disable the impacted accounts and blocked any further unauthorized access. We also engaged a third-party professional computer security firm to assist.

Prying eyes

Asked when the breach was detected and how many titles were illegally downloaded, a spokesperson told The Daily Swig that “as this is still under investigation, we really aren’t able to disclose anything more than this at the present time”.

The statement continued: “We highly value the security and confidentiality of our clients’ works and are taking steps to further enhance our existing security measures.

“We will continue to assess additional measures that may further ensure the security and confidentiality of our clients’ works.”  

A webpage expounding CoreSource’s benefits on Ingram’s website says that “a dedicated development team and state-of-the-art data centers provide the highest level of protection for storing, managing and distributing your content”.

The Ingram Content Group ships more than 19 million titles to booksellers, librarians, and educators across the US.

The company also operates a print-on-demand business from facilities in the US, UK, France, and Australia, and provides digital distribution services for educators through VitalSource and MyiLibrary.

READ MORE San Francisco Airport data breach: Double website hack may have lifted users’ Windows login credentials