The Associated Press has reported that PIN pads used by customers to swipe credit and debit cards have been tampered with in 63 Barnes & Noble stores in nine states, including Pennsylvania and New Jersey.
The bookseller said Tuesday that only one PIN pad in each store was tampered with. The company disconnected all the devices in use nationwide on Sept. 14 when it learned of the tampering. They have replaced the pads with a more secure system of card readers connected directly to the cash registers.
The New York Times reported that the hackers had already made purchases on some customer credit cards.
Federal authorities are investigating. No word yet on how many accounts have been compromised, so all customers are advised to look for unauthorized transactions on their bank statements and to change their PINs.
Barnes & Noble says purchases made on its website and on mobile devices, including its wireless Nook device, were not affected.