Oracle confirms data breach at Micros point-of-sale arm

9 Aug 2016

It is not known how many businesses may have been impacted by the attack but Oracle is urging customers to change their login details

Oracle’s retail systems arm Micros has been hacked by a Russian organised cybercrime group that compromised the company’s point-of-sale credit card payment systems.

Oracle acknowledged that it detected and addressed malicious code in certain legacy Micros systems.

Micros is also asking all Micros customers to reset their passwords for the Micros online support portal.

The situation is significant because Micros is in the top three point-of-sale systems vendors in the world.

Russian gang behind attack have stolen $1bn over last several years

Malware planted on the systems by the hackers enabled attackers to steal customers’ login details, according to Brian Krebs from Krebs on Security.

Oracle said that the breach does not affect its other corporate networks, cloud services or systems.

The Micros system powers more than 330,000 cash registers worldwide.

Oracle acquired Micros in 2014.

The intrusion was discovered when Oracle rolled out new security tools and discovered that more than 700 systems were impacted by the hack.

The gang behind the attack are understood to be the Carbanak Gang, a Russian cybercrime syndicate suspected of stealing more than $1bn from banks, retailers and hospitality firms over the last seven years.

The gang is believed to have placed malicious code on the Micros support portal and the malware allowed the attackers to steal Micros customer usernames and passwords when customers logged in.

Point of sale image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years