Hackers have stolen credit card information from more than 60 Barnes and Noble stores, including three stores in Massachusetts, according to Barnes and Noble officials.
One PIN pad device was tampered with at each of the stores in Walpole, Chestnut Hill, and Hingham, according to Barnes & Noble.
Barnes & Noble said:
Barnes & Noble has completed an internal investigation that involved the inspection and validation of every PIN pad in every store. The tampering, which affected fewer than 1% of PIN pads in Barnes & Noble stores, was a sophisticated criminal effort to steal credit card information, debit card information, and debit card PIN numbers from customers who swiped their cards through PIN pads when they made purchases. This situation involved only purchases in which a customer swiped a credit or debit card in a store using one of the compromised PIN pads…
The criminals planted bugs in the tampered PIN pad devices, allowing for the capture of credit card and PIN numbers. Barnes & Noble disconnected all PIN pads from its stores nationwide by close of business September 14, and customers can securely shop with credit cards through the company’s cash registers. Barnes & Noble said it is committed to providing customers with a safe shopping environment.
The company, which has nearly 700 stores across the U.S., notified federal law enforcement agencies, which are investigating the hacking. B&N is also working with banks and credit card companies to find accounts that may have been compromised.
The company added that its customer database is secure and that purchases on its website, NOOK and NOOK mobile apps were not affected.