B&N: PIN pad tampering was "sophisticated" crime

Oct 24, 2012

(AP)—Barnes & Noble Inc. said Wednesday the tampering of devices used by customers to swipe credit and debit cards in 63 of its stores was a "sophisticated criminal effort" to steal information, and reiterated it's working with federal law enforcement authorities.

The largest U.S. bookseller late Tuesday disclosed the data breach in stores in California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania and Rhode Island, and warned customers to check for unauthorized transactions and to change their personal identification numbers, or PINs.

B&N said only one device, or PIN pad, was tampered with in each store, affecting less than 1 percent of these devices in its stores. It released a complete list of locations that were affected. All the PIN pads in its nearly 700 stores nationwide were disconnected on Sept. 14, after the company learned of the tampering.

In a press release issued Wednesday, B&N said the criminals planted bugs in the tampered devices, allowing for the capture of credit card and PIN numbers. The company did not offer a timeline for when the bugs were planted or how long they were in use before they were discovered.

B&N said that it's continuing to work with federal law enforcement and with banks, payment card brands and issuers to identify accounts that may have been compromised, so that additional fraud-protection measures can be taken.

Customers at its book stores will now have to ask cashiers to swipe credit or debit cards on card readers connected to cash registers, a process that is secure, Barnes & Noble said.

Anything bought on Barnes & Noble.com or with the chain's Nook devices and app were not affected, the company said. It also said its customer database is secure.

Barnes & Noble is only the latest major retailer to be a victim of a serious data breach. In one of the largest, more than 45 million credit and debit cards were exposed to possible fraud because of hackers who broke into the computer system of TJX Cos., the parent company of retailers T.J. Maxx and Marshall's, starting in 2005.

Explore further: Drones may violate international law

not rated yet

Copyright 2012 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

add to favorites email to friend print save as pdf

Related Stories

Data breach put 1.5M numbers at risk

Apr 02, 2012

(AP) -- A company that processes credit card transactions said Monday that as many as 1.5 million card numbers were compromised in a data breach early last month.

Citigroup says 360,000 affected by hackers

Jun 16, 2011

Hackers stole account information of more than 360,000 of Citigroup Inc.'s U.S. credit card customers in a recent data breach, the bank said Wednesday, almost double the number initially thought.

Visa, MasterCard scramble after massive data breach

Mar 30, 2012

Credit card giants Visa and MasterCard were scrambling on Friday to thwart cyber crooks who looted a massive trove of precious account data, evidently from a payment processor in New York.

TJX reaches settlement with states on data theft

Jun 23, 2009

(AP) -- Discount retailer TJX Cos. said Tuesday it has reached a settlement with multiple states related to a massive data theft that occurred at the parent company of retailers T.J. Maxx and Marshall's a few years ago.

Barnes & Noble unveils $199 Nook Tablet

Feb 21, 2012

US bookseller Barnes & Noble unveiled a new version of its Nook tablet computer Tuesday, a device with the same $199 price tag as Amazon's Kindle Fire.

Recommended for you

Drones may violate international law

17 hours ago

(Phys.org) —As President Obama gives a speech on national security—including defending U.S. use of drones to combat terrorism—Leila Sadat, JD, international law expert and professor of law at Washington University in ...

Text in on smarter phones

May 22, 2013

Alternative input methods for smart phones, such as Swype and SwiftKey, offer substantial benefits to users and are comparable with common typing speeds found on computer keyboards, according to a report published by researchers ...

AP probe further strains Obama, press rapport

May 20, 2013

Reports emerged last week that the Department of Justice had secretly obtained two months' worth of phone records of journalists at The Associated Press as part of a larger investigation into a failed al-Qaida ...

User comments : 0

More news stories

Google eyes emerging markets networks

Google has become deeply involved in a series of projects to build and operate wireless networks in emerging markets including sub-Saharan Africa and Southeast Asia, a report said Friday.

Facial-recognition technology proves its mettle

(Phys.org) —In a study that evaluated some of the latest in automatic facial recognition technology, researchers at Michigan State University were able to quickly identify one of the Boston Marathon bombing ...

Drones may violate international law

(Phys.org) —As President Obama gives a speech on national security—including defending U.S. use of drones to combat terrorism—Leila Sadat, JD, international law expert and professor of law at Washington University in ...

The long road to the 2000-watt society

The vision of a society in which each inhabitant of the earth manages to consume only 2000 watts has already been around for 15 years. During this time, there has been a steady increase in environmental awareness ...

Galaxies fed by funnels of fuel

(Phys.org) —Computer simulations of galaxies growing over billions of years have revealed a likely scenario for how they feed: a cosmic version of swirly straws.