Today book retailer Barnes & Noble confirmed that 63 of their retail stores have been compromised with tampered PIN pads. We originally reported the breaking news earlier this morning, but the company completed an internal investigation today that revealed one PIN pad in each of the 63 stores were tampered with, and that customers who used a credit or debit card on the machines were at risk of stolen personal information.
According to the company, the PIN pads were implanted with "bugs" that allowed the recording of credit card information and debit card PINs. Barnes & Noble ended up disconnecting all of its PIN pads on September 14, and is now only allowing credit card purchases directly through their cash registers for the time being.
Barnes & Noble says that the tampering affected only about 1% of all the company's PIN pads around the US, and the 63 stores affected are only in a handful of states, including California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania, and Rhode Island. To see if your local store was one of the affected locations, check out the full list of all 63 stores.
Barnes & Noble is urging customers who have swiped their cards at the affected locations to change their debit card PINs as a precaution, as well as keeping an eye on credit card statements for fraudulent charges. However, the company notes that their database hasn't been breached, and purchases made elsewhere aren't affected.