Hackers compromised one pin pad in each of 63 stores located throughout California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania and Rhode Island, including one at the San Luis Obispo location of the bookstore, according to a press release sent out by Barnes & Noble last week.
“The criminals planted bugs in the tampered PIN pad devices, allowing for the capture of credit card and PIN numbers,” the press release said.
This tampering did not affect online purchases, nor did it affect other PIN pads in Barnes & Noble stores, according to the press release.
Barnes & Noble notified federal law enforcement authorities when the breach was discovered, and is working with authorities to track down the hackers, the press release said. The stores also closed on Sept. 14 to disconnect all PIN pads, and identities are now safe when using credit or debit cards in registers at Barnes & Noble, the release said.
San Luis Obispo’s Barnes & Noble was not one of the stores compromised, but people can check the list of compromised stores at Barnes & Noble’s corporate website. The company’s press release also advised those worried about identity theft after a purchase to check transaction statements and change PIN numbers on debit cards.
Cal Poly students and San Luis Obispo residents also take their own precautions when making purchases to protect their credit card. English senior Keren Scarlat tries to pay for most purchases with cash or credit, she said, though she feels generally safe about her identity at stores like Barnes & Noble.
“I don’t use my debit card online because it’s better to use my credit card,” Scarlat said.
She also prefers to transfer money from ATMs instead of using her card in stores.
Scarlat said her father has had his identity stolen several times, so she tries to be cautious.
“He travels a lot so he uses his card all over the place,” Scarlat said.
San Luis Obispo local Roger Lopez also prefers to avoid using a debit card, which, if stolen, can be used to draw funds directly from the victim’s bank account.
Lopez uses credit or cash instead of debit because purchases on credit can be reimbursed in case of identity theft, Lopez said.
“I’ll use my debit card as a credit card but never as a debit because I figure I’m safer that way,” Lopez said.
Lopez also checks his credit card once a year, he said. The check is free and a simple way to ensure that his identity is secure, Lopez said.
“I haven’t had any issues yet,” Lopez said.
Landscape architecture junior Jill Broeckel pays with cash, and is wary of in-person theft, she said.
Broeckel keeps her money on her and hides her PIN from onlookers, Broeckel said.
“I always cover the PIN pad when I use a card and I keep my wallet somewhere safe,” Broeckel said.
Journalism senior Angelina DiFrancesco prefers to pay with cash, and is also cautious of paying with a card in establishments that look less than reputable, she said.
Barnes & Noble’s security breach comes as a surprise to DiFrancesco because she saw the bookseller as a safe company, she said.
“I feel like if I go in there I know that they have strong enough security,” DiFrancesco said.
Nonetheless, DiFrancesco, who does not have a credit card, worries about her identity.
DiFrancesco has never checked her credit card and has never checked her credit report, she said. People under 18 with credit cards can have their identities stolen, though, and DiFrancesco worries it could have happened to her without her knowledge, she said.
“I could have had my identity stolen a couple years ago and I’d have no idea,” DiFrancesco said.