Monday, May 16, 2022

Barnes & Noble hacked, user financial info stolen

Barnes & Noble unveiled Wednesday that PIN pads at 63 of its U.S. stores were compromised in September, in what appears to be a sophisticated criminal effort to steal banking-card information and PIN numbers from customers.

The security breach was first exposed on September 14, but the retailer didn’t make the information public at the request of government agencies, which are now looking into the matter.

The tampered PIN pads had embedded bugs that allowed the seizure of credit-card and PIN numbers. Barnes & Noble said it unplugged all PIN pads from its stores nationally by close of business September 14, and added that customers may securely shop with credit cards through the company’s registers.

Barnes & Noble gives notice to anyone who shopped recently at one of its stores and paid by swiping a debit or credit card to change their PINs, review their account statements for any unauthorized transactions, and notify their bank if they find any suspicious activity.

The retailer assured its customer database is secure, and that online purchases, or purchases made through its Nook line of e-reders, tablets, and apps, are not touched.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Top Massachusetts hospital suffers a data breach

One of the United State’s leading hospitals, Massachusetts General (MGH), has fallen victim to a …