Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Crime Security IT

Criminals Crack and Steal Customer Data From Barnes & Noble Keypads 83

Posted by Unknown Lamer from the cash-only dept.
helix2301 writes with an excerpt from CNet "Hackers broke into keypads at more than 60 Barnes & Noble bookstores and made off with the credit card information for customers who shopped at the stores in the last month. At least one point-of-sale terminal in 63 different stores was compromised recording card details. Since discovering the breach, the company has uninstalled all 7,000 point-of-sale terminals from its hundreds of stores for examination."
This discussion has been archived. No new comments can be posted.

Criminals Crack and Steal Customer Data From Barnes & Noble Keypads More

Criminals Crack and Steal Customer Data From Barnes & Noble Keypads

Comments Filter:

  • Well done B&N (Score:5, Insightful)

    by Anonymous Coward on Wednesday October 24, 2012 @11:33AM (#41752789)

    Seriously, no irony.

    They got hacked. They got the Feds. involved to catch the scum. They figured out who was "likely-impacted." Their notifying the banks involved, so hopefully the computers can catch any spending patterns that come from the breach. They pulled the infected equipment. They let the world know.

    They'll still get my business.

  • Why hasn't this been fixed? (Score:5, Insightful)

    by Peter Simpson ( 112887 ) on Wednesday October 24, 2012 @11:52AM (#41753039)
    Seems to be a common thread in these PIN pad hacks: they steal/buy/obtain one, hack it, then swap it with a "live" one, take that home, hack it, and repeat.

    So why:
    - don't the PIN pads have unique IDs?
    - hasn't the terminal software been updated to sound an alarm when the stored PIN pad ID doesn't match the ID read from the PIN pad?
    - doesn't the terminal alarm WHENEVER the PIN pad is disconnected?

    It's not like this hasn't been happening for a while...

    (and I predict the perpetrators, when caught, will have eastern European (FSR) names...)

  • Re:Don't use ATM/Debit cards for purchases (Score:4, Insightful)

    by theNetImp ( 190602 ) on Wednesday October 24, 2012 @12:03PM (#41753193)

    Great, so what happens when you are denied a credit card. Seriously that is not a solution.

    I have 2 checking accounts and a savings account. All money is direct deposited into my savings account. All bills go into checking account #1 which does not have a debit card. Account #2 has a debit card and a minimal balance of $1 to keep it open. If I know I need to buy something with the debit card I move the money to savings. You 1) never bounce a check ever again because you're purposefully put the money in an account that you use for bills, and you have 0 risk if your debit card # is stolen.

    Problem solved,

  • Re:Well done B&N (Score:5, Insightful)

    by ShanghaiBill ( 739463 ) on Wednesday October 24, 2012 @12:43PM (#41753671)

    Why are they storing CCs at all on the terminals?

    It is common for terminals to store CC numbers for a window of time so that transactions can be voided or refunded even if the network is down. They could be encrypted first, but they usually aren't. But to blame any of this on B&N seems silly, because B&N is not in the "terminal" business. The terminals were supplied by their bank. B&N just put them on the counter and hooked them up to the cash register, just like any other shop would. Blame should be directed at the company that made and programmed the terminals.

Slashdot Top Deals

Today is a good day for information-gathering. Read someone else's mail file.

Close