The bookseller Barnes & Noble announced today that someone hacked debit-card swipe devices at 63 stores around the country. The company has not released any information on exactly how the swipe machines were hacked, only that one machine at each of 63 stores were compromised.
Brian Krebs is an investigative reporter who covers cyber security. He says, “If past breaches are any indicator, it was almost certainly an inside job at some level.”
Hacks like these can happen one of two ways. One is at the factory where these devices are made. The criminals can either install malicious software or hardware can be inserted directly into the device before it’s shipped. Or Krebs pointed out, “they are compromised by employees or contractors.”
That could be employees of the chain or employees of the company that services the readers. Barnes & Noble declined to comment, citing an investigation by the FBI. As part of the investigation, all 7,000 keypads at Barnes & Nobles across the country have been shut down.
Former hacker turned security consultant Kevin Mitnick expects these attacks to continue. “The system in America is broken” he says.
Partly because these types of scams are simple to pull off. And because they are hard to detect.
“And the profits are huge.” Mitnick says. “We’re talking about wholesale interception of credit card numbers and PIN numbers, which translates directly to money at an ATM machine.”
So what can you do to protect the debit card in your hand? Not much other than checking your monthly statement for any unauthorized charges. Barnes & Noble suggests changing your PIN number if you think your card may have been compromised at one of its card readers prior to Sept. 14.
We’re here to help you navigate this changed world and economy.
Our mission at Marketplace is to raise the economic intelligence of the country. It’s a tough task, but it’s never been more important.
In the past year, we’ve seen record unemployment, stimulus bills, and reddit users influencing the stock market. Marketplace helps you understand it all, will fact-based, approachable, and unbiased reporting.
Generous support from listeners and readers is what powers our nonprofit news—and your donation today will help provide this essential service. For just $5/month, you can sustain independent journalism that keeps you and thousands of others informed.