In September, Barnes & Noble discovered tampering with their PIN pad devices. In a letter to customers on their website, they called it ’a sophisticated criminal effort to steal credit and debit card information from our customers who have swiped their cards through PIN pads when they made purchases at certain retail stores.”
According to The New York Times, “A high-ranking official for the company said that hackers had used information from some customers’ credit cards to make unauthorized purchases, but that activity had mainly occurred in September and had declined in recent weeks.”
Although Barnes & Noble said they are ”working with banks, payment card brands and issuers to identify accounts that may have been compromised, so banks and issuers can employ enhanced fraud security measures on potentially impacted accounts,” they have not notified customers directly.
The New York Times quoted an official as saying, “We have acted at the direction of the U.S. government and they have specifically told us not to disclose it, and there we have complied.” But in the letter, Barnes & Noble does encourage concerned customers to check their statements and change PIN numbers.
They’ve given a complete list of the stores where tampering occurred. Our local stores are not on this list. However, for anyone who has made a purchase out of state or knows someone who could have been affected please see the complete list at the bottom of the letter.
This did not involve any purchases made through Nook devices or apps, only in-store purchases.
All of the PIN Pad devices, in all B&N stores, are no longer in use. Secure transactions can be made by swiping a card through the card reader on the cash register.