Our editorial team is independent and objective. To help support our review work, and to continue our ability to provide this content for free to our readers, we receive compensation from the companies that advertise on the CreditMashup site. This site does not include all companies or products available within the market.

We also include links to advertisers’ offers in some of our articles; these “affiliate links” may generate income for our site when you click on them. The compensation we receive from advertisers does not influence the recommendations or advice our editorial team provides in our articles or otherwise impact any of the editorial content.

While we work hard to provide accurate and up to date information that we think you will find relevant, CreditMashup does not and cannot guarantee that any information provided is complete and makes no representations or warranties in connection thereto, nor to the accuracy or applicability thereof. Here is a list of our partners who offer products that we have affiliate links for.

Barnes & Noble the latest retailer to experience customer data breach

barnes-noble-credit-card-data-breachBarnes and Noble is the latest major retailer to experience a customer credit card data breach. As hackers get more sophisticated, point-of-sale attacks are increasing.

The breach was not discovered until September 14, 2012 and was heavily concentrated on the east coast; but stores in Florida, Illinois and California have also been affected.

Approximately 63 Barnes and Nobles stores, with card-reading PIN pads at the front registers where customers swipe their credit cards and enter their personal identification numbers or PINs, were compromised.

Hackers who gained access to the terminals, stole credit card information for customers who shopped as recently as September. Although the breach was discovered on September 14, 2012, the matter was kept quiet at the request of the Justice Department in order for the F.B.I. to determine who was behind the attacks.

Consumers who shopped at Barnes & Noble over the last several months may want to keep tabs on their financial records and check for unauthorized transactions. It has been reported some of the credit card numbers have already been used by identity thieves.

Barnes and Noble defended its decision not to inform customers about the data breach, stating the company informed credit card companies that certain accounts might have been compromised.

An official for the company said “We have acted at the direction of the U.S. government and they have specifically told us not to disclose it, and there we have complied.”

[More: Monitor your credit score and activity at Equifax and Transunion]

Barnes and Noble did shut down 7000 PIN pads in several hundred stores across the country as it was discovered that many of them had been tampered with. The keypads were shipped to a location where they can be examined.

It was determined that only one keypad in each of the 63 stores had been hacked. “The criminals planted bugs in the tampered PIN pad devices, allowing for the capture of credit card and PIN numbers,” the company said.

“Barnes and Noble disconnected all PIN pads from its stores nationwide by close of business September 14, and customers can securely shop with credit cards through the company’s cash registers.  Barnes and Noble said it is committed to providing customers with a safe shopping environment.”

Barnes and Noble has yet to reinstall the devices.  “Right now, we have no PIN pads in any stores and we are O.K. with that,” a company official said.

Customers can still use their debit or credit card at the register but the cashier will swipe their cards on a reader directly connected to the registers.

The company is being tight lipped on how their network was penetrated. Security experts speculate a company insider could have inserted malicious code, or criminals could have persuaded an unsuspecting employee to click on a malicious link that installed malware, giving the perpetrators access to Barnes & Noble’s point-of-sale terminals.

Explore More

Disclaimer: A OneUnited Checking Account is required to apply.

Join the family!

Get expert tips, news, and resources delivered to your inbox weekly.

You have been successfully Subscribed! Ops! Something went wrong, please try again.

Get In Touch

6080 Center Dr, 6th Fl
Los Angeles, CA 90045

© 2024 All Rights Reserved.