Barnes & Noble customers would be wise to keep a close eye on their credit card statements in the near future. The retailer recently revealed that hackers have stolen credit card information of shoppers at 63 retail stores across the country, including stores in Chicago, Miami, New York City and San Diego.

According to reports, the breach took place inside retail stores by breaking into keypads that sit alongside registers where customers swipe cards and enter PIN numbers to approve transactions.

The company confirmed the security breach when confronted, suggesting that customers who shopped at any of the 63 targeted retail stores should change their PIN number and monitor their account for suspicious activity. Some cards were used for unauthorized purchases last month, said a high-ranking executive at Barnes & Noble, but activity has been on the decline this month.

People with knowledge of the investigation say the company first noticed the theft on September 14. Acting on the advice of the Justice Department, the bookseller kept the findings to themselves in order to give the FBI adequate time to investigate the matter. Credit card companies were allegedly alerted although shoppers were kept in the dark until now.

Following the attacks, Barnes & Noble disabled all 7,000 keypads in use at retail stores and had them sent offsite where the company could further investigate how the attacks might have happened. That investigation revealed that only one keypad in each of the 63 stores had been compromised. Nevertheless, the pads were not reinstalled.