Barnes & Noble announced Tuesday that devices used by customers to swipe credit and debit cards had been tampered with in 63 of its stores, according to an article from The Associated Press.

The company is warning customers to check their statements for unauthorized transactions and to change PINs. It did not say how many accounts may have been compromised from the stores in nine states, the article says.

The New York Times, citing a high-ranking company official that was not named, reported that hackers had made unauthorized purchases on some customer credit cards.

The bookseller said in the Tuesday statement that only one of the PIN pads was tampered with in each of the 63 stores, located in California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania and Rhode Island, AP reports. All of the PIN pads in the company’s nearly 700 stores nationwide were disconnected on Sept. 14 after the company learned of the tampering.

Barnes & Noble says that it is working with banks and card issuers to identify compromised accounts so additional fraud-protection measures can be taken, the article says. Customers in the bookstores will ask cashiers to swipe credit or debit cards on card readers connected to cash registers – a secure process, the company says in the AP article.

Anything bought on the company’s website or its tablet device and app was not affected, the article says. The company also says that its customer database is secure.