Barnes & Noble

Under Review: 
No Review
Date Breach Made Public: 
October 24, 2012
New York , NY
United States
New York US

Concerned customers may call 1-888-471-7809 or visit

Records Breached: 


Breach Total Number: 
California Attorney General
Year of Breach: 
Type of organization: 
Type of breach: 

PIN pad devices used to process credit and debit card information in stores were compromised.  The breach was discovered around September 14 during maintenance and inspection of the devices.  Anyone who used a credit or debit card at a Barnes & Noble may have been affected by a sophisticated criminal effort to steal that information.  Names, payment card account numbers, and PINs may have been exposed.  Barnes & Noble removed all PIN pads. Fewer than 1% of the inspected PIN pads had been affected.

UPDATE (10/24/2012): A total of 63 Barnes and Noble stores in nine states had at least one compromised PIN pad device.  Malicious code was installed on the PIN pads.

UPDATE (09/05/2013): A federal judge ruled that customers failed to show that their personal information was stolen in the data breach.