Barnes & Noble Inc. says customers at 63 stores in 9 states may have had their credit-card information stolen.
In a statement issued Tuesday evening, the nation’s largest bookstore chain said that in September it detected a problem with a PIN pad device used by customers to swipe their credit cards in one of its stores.
The retailer investigated the issue, and then disabled all 7,000 PIN devices in use at its nearly 700 consumer stores on Sept. 14. It then recalled all of the devices for physical inspection and determined 63 devices, each one from a different store, had been tampered with.
Stores affected were in California, Florida, New York, New Jersey, Rhode Island, Connecticut, Massachusetts, Illinois, and Pennsylvania.
The retailer notified the FBI and the U.S. Attorney’s Office for the Southern District of New York. Barnes & Noble said at that time it was asked by the FBI not to disclose the matter to the public for fear of impeding an investigation. The chain said it made the problem known Tuesday evening after the media started asking questions.
A spokesman for the FBI said it was investigating the incidents. The U.S. attorney’s office did not immediately respond to a request for comment.
Barnes & Noble said it didn’t know the number of customers affected. It also said its own internal systems weren’t breached, and that purchases on Barnes&Noble.com weren’t affected, nor were purchases made via its Nook devices or Nook apps. Member data bases weren’t breached, and customers making purchases at the retailer’s college stores also weren’t affected.
via BMS
