The point-of-sale cash register systems sold by Oracle appear to have been hit by Russian hackers known for breaking into banks and retailers, security blogger Brian Krebs reports.
Oracle purchased the company that makes these systems, Micros, back in 2014 for $5.3 billion. Micros is known as one of the top three POS vendors in the world, Krebs reports, and when Oracle bought the company it said these systems were installed in over 330,000 places worldwide like restaurants, bars, retail sites, and hotels.
The breach appears to have happened from within Oracle’s customer support systems. Krebs writes:
“Oracle’s MICROS customer support portal was seen communicating with a server known to be used by the Carbanak Gang. Carbanak is part of a Russian cybercrime syndicate that is suspected of stealing more than $1 billion from banks, retailers and hospitality firms over the past several years.”
Oracle has publicly acknowledged that a security issue has occurred, alerted its customers, and told them to change their passwords.
It’s unclear if customers of these retail and hotel establishments will be impacted. Oracle says that credit card data is encrypted, so even if the hackers stole the credit card info, they may not be able to unencrypt it and use it.
Oracle also says that its own internal network was not breached, nor was the cloud computing services that it offers to other customers.
Here’s the statement Oracle sent to its customers:
“Oracle Security has detected and addressed malicious code in certain legacy MICROS systems. Oracle’s Corporate network and Oracle’s other cloud and service offerings were not impacted by this code. Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.
“To prevent a recurrence, Oracle implemented additional security measures for the legacy MICROS systems. Consistent with standard security remediation protocols, Oracle is requiring MICROS customers to change the passwords for all MICROS accounts.
“Information for customers on how to change your passwords has been published on My Oracle Support (Doc ID 2165744.1). We also recommend that you change the password for any account that was used by a MICROS representative to access your on-premises systems.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.