Did you use a debit card at your local Barnes & Noble (NYSE: BKS ) store over the summer? If so, the company suggests that you change your PIN number pronto.
The bookstore chain today issued a warning to its customers. Someone tampered with PIN pads in at least 63 of Barnes & Noble's 700 stores as part of a "sophisticated criminal effort steal credit card information, debit card information, and debit card PIN numbers from customers," said the company.
The company disconnected all self-service card-swiping stations in September, upon detecting evidence of tampering. Someone planted "bugs" in the affected PIN pad devices.
Handing your card to the cashier has not been found insecure, and management says online orders are not affected and its customer database is secure. The problem extends to "fewer than 1% of PIN pads in Barnes & Noble stores," it said.
Internal investigators are working with law enforcement, banks, and card issuers to mitigate the damage. One percent of transactions in a limited set of stores may sound small, but we're still talking about thousands of potential victims here.
Barnes & Noble provided a list of stores where the affected PIN pads have been found, and most of them showed up in California, Florida, Illinois, or New York.