(Corrects number of stores company operates)
Oct 23 U.S. retail firm Barnes & Noble
said customers who have shopped as recently as last month at 63
of its 700 bookstores in the country may have their credit card
information stolen, and has informed federal law enforcement
authorities about the breach.
The company said in a statement it has disconnected all PIN
pads from its nearly 700 stores nationwide by close of business
Sept 14. upon detecting tampering of those devices.
As a precautionary measure, the company said customers and
employees who have swiped their cards at any of the stores with
affected PIN pads should change the PIN numbers on their debit
cards and review their statements for any unauthorized
However, the company also said its customer database is
secure. Purchases made on Barnes & Noble website, Nook e-reader
and Nook mobile apps were not affected, it added.
Barnes & Noble said the company has been assisting the
federal authorities in investigation into the matter.
Separately, a spokesman for the Federal Bureau of
Investigation (FBI) told Reuters that the agency's New York
field division is investigating the breach at Barnes & Noble.
The spokesman also confirmed a New York Times report that
said the company received two letters from the U.S. attorney's
office for the Southern District of New York that said it did
not have to report the attacks to its customers during the
At least one of the letters said that the company could wait
until Dec. 24 to tell the customers.
(Reporting by Phil Wahba, Basil Katz and Sakthi Prasad; Editing
by Muralikumar Anantharaman)