# Warning for Barnes & Noble Shoppers- US



## 95Viper (Oct 25, 2012)

A little story, in case any of you have been shopping at Barnes & Noble.

Barnes & Noble has detected tampering with their pin pad devices in 63 of it's stores nationwide.
It is recommending that customer keep track and be aware of their accounts;, also, they may want to change their passwords/pins.

Law enforcement has been notified and are investigating.  Also, B&N is doing it's own investigation and co-operating with law enforcement.

Source: Business Wire Newsroom

Quotes and info from story @ Barnes & Noble Detects Tampering With PIN Pad Devices at Stores



> NEW YORK--(BUSINESS WIRE)--Barnes & Noble (BKS) has detected tampering with PIN pad devices used in 63 of its stores. Upon detecting evidence of tampering, which was limited to one compromised PIN pad in each of the affected stores, Barnes & Noble discontinued use of all PIN pads in its nearly 700 stores nationwide. The company also notified federal law enforcement authorities, and has been supporting a federal government investigation into the matter.



List of stores from above story @ Business Wire



Spoiler






> Tampered PIN pads were discovered from stores in the following states: CA, CT, FL, NJ, NY, IL, MA, PA, RI. A complete list of specific stores follows.
> Store Address 	   	   	   	   	City 	   	   	   	   	State 	   	   	   	   	   	   	Zip
> 4735 Commons Way 	   	   	   	   	 Calabasas 	   	   	   	   	 CA 	   	   	   	   	   	   	 91302
> 2470 Tuscany Street Suite 101 	   	   	   	   	 Corona 	   	   	   	   	 CA 	   	   	   	   	   	   	 92881
> ...


----------



## Easy Rhino (Oct 25, 2012)

from the article 





> The criminals planted bugs in the tampered PIN pad devices, allowing for the capture of credit card and PIN numbers.



so this was obviously well coordinated across that many States. i wonder how they were able to sneak the bugs into the pin pads...


----------



## TheMailMan78 (Oct 25, 2012)

Easy Rhino said:


> from the article
> 
> so this was obviously well coordinated across that many States. i wonder how they were able to sneak the bugs into the pin pads...



64 stores were affected AFAIK and its only an issue if you went to the store itself. Nothing online was affected.


----------



## Easy Rhino (Oct 25, 2012)

TheMailMan78 said:


> 64 stores were affected AFAIK and its only an issue if you went to the store itself. Nothing online was affected.



i know. but i wonder how they were able to make that kind of coordination. sneaking the bugs into the pin pads could not be easy


----------



## brandonwh64 (Oct 25, 2012)

Easy Rhino said:


> i know. but i wonder how they were able to make that kind of coordination. sneaking the bugs into the pin pads could not be easy


----------



## Disparia (Oct 25, 2012)

Easy Rhino said:


> i know. but i wonder how they were able to make that kind of coordination. sneaking the bugs into the pin pads could not be easy



I think that's what they said about a first-gen electronic voting machines. "Yeah, it's secure... except for this unlocked USB port". 

Since you can buy one of these pin pads, you have all the time you need to become expertly familiar with it. Devise a way to bug it, practice, train others, etc.


----------



## Hybrid_theory (Oct 25, 2012)

You really have to be mindful of your bank account. Lots of these devices are vulnerable, even with the chip and pin system. B&N found it, but how many are still out there not found? Its worse with credit cards that have systems like pay pass. Then someone can just walk by you and scan your wallet.


----------



## ShiBDiB (Oct 25, 2012)

63 stores? Sounds more like an inside job


----------

