Point-of-sale terminals from 63 Barnes & Noble bookstores were hacked, exposing customer credit card information from locations in New York City, San Diego, Miami, and Chicago.
The breach was discovered in the point-of-sale keypads and the company has uninstalled all its 7,000 terminals pending an FBI investigation. Although no keypad was replaced, the company said customersâ€™ PIN information and credit card data is safe and on future transactions they should ask booksellers â€œto swipe their credit and signature debit cards through the card readers connected to cash registersâ€.
Advising customers to change their credit card PIN numbers and monitor their transactions, Barnes & Noble also stated that theyâ€™re already â€œworking with banks, payment card brands and issuers to identify accounts that may have been compromised, so banks and issuers can employ enhanced fraud security measures on potentially impacted accounts.â€
The company emphasized that its customer database was not breached and that everyone who purchased via BarnesandNoble.com, Nook, and Nook apps should not be affected. Since Sept. 14 when the hack was first spotted, Barnes & Noble kept the FBI investigation under wraps, until the full extent of the breach was discovered.
Verizonâ€™s 2012 Data Breach Investigations Report released earlier this year revealed that, instead of targeting large companies, hacks are more likely to happen in small companies with lower security measures or in restaurants and retail stores, with Barnes & Noble in the latter category.