Oracle’s Micros POS network hacked
Didn’t see it coming
Oracle’s global network of 330,000 point-of-sale (POS) payment systems has been hacked by a Russian organised cybercrime group.
The breach occurred on the network run by Micros Systems, which Oracle bought in 2014.
The incident was first picked up by computer security expert Brian Krebs, who contacted Oracle for comment.
The firm acknowledged it has “detected and addressed malicious code in certain legacy Micros systems”. It is also asking all Micros customers to reset their passwords for the Micros online support portal.
Micros is among the top three POS vendors globally, and its machines are commonly found in food and beverage outlets, retail sites and hotels.
Krebs says the incident is still being investigated. On his site he says: “Sources close to the investigation say Oracle first considered the breach to be limited to a small number of computers and servers at the company’s retail division.
“That source said that soon after Oracle pushed new security tools to systems in the affected network investigators realised the intrusion impacted more than 700 infected systems.”
Two anonymous security experts also told Krebs that Oracle’s Micros customer support portal was seen communicating with a server known to be used by the Carbanak Gang.
According to Krebs, Carbanak is part of a Russian cybercrime syndicate that is suspected of stealing more than $1 billion from banks, retailers and hospitality firms over the past several years.
Oracle is not answering direct questions about the breach, but says its corporate network and other cloud and service offerings have not been affected.
To reassure its customers, Oracle says the “payment card data is encrypted both at rest and in transit in the Micros hosted customer environments”.
More updates will be provided as and when they happen.
