Retailer Barnes & Noble said that devices used by customers to swipe credit and debit cards with in 63 of its stores in nine states of the US could have been tampered with.
The company issued a statement, which said that it had disconnected all PIN pads from its stores across the country by close of business on September 14, after it was detected that tampering of the devices had taken place.
The company told customers and employees, who may have swiped their cards at any of these stores, should change their debit cards PIN numbers and also review their statements for any unauthorized transactions.
The company, however, maintained that its customer database was secure, and also added that it did not affect the purchases made on Barnes & Noble website, Nook e-reader and Nook mobile apps.
Barnes & Noble said the company has been assisting the federal authorities in investigation into the matter.
A spokesman for the Federal Bureau of Investigation (FBI) told Reuters that the agency’s New York field division is carrying out investigations on the breach.
The stores where the breaches took place were California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania and Rhode Island.