Thieves gained access to PIN numbers by hacking into the keypads on store counters
Thieves stole credit and debit card PINs from thousands Barnes & Noble customers, not by breaking into the company's website, but by hacking the keypads sitting right on their store counters. The FBI is reportedly investigating claims that keypads where customers swipe their cards and enter their own personal ID numbers were compromised at 63 stores, putting everyone who used the machines at risk.
The security issue was first reported by Michael Schmidt and Nicole Perlroth of The New York Times. They also published a list of the stores that were affected. If you shopped at any of them, even as recently as September 14, you should probably talk to your banks.
Neither the Justice Department or the company formally announced the breach, but Barnes & Noble did remove all of the keypads from all of its stores and currently has no plans to return them.