More than 300,000 cash registers sold by Oracle around the world are affected by a data breach in its retail unit, the company has confirmed.
First reported by Krebs on Security, the data breach appears to have been orchestrated by a Russian organized cyber crime group called the Carbanak Gang. This information was shared with Brian Krebs by two security experts who have knowledge of the investigation into the breach. According to them, the MICROS customer support portal was communicating with one of the servers known to have been used by the hacking group, which is part of a Russian cyber crime syndicate suspected of stealing more than $1 billion from retailers, hotels and banks over the last several years.
Oracle has gotten in touch with its MICROS customers, requiring them to change all their passwords for all their accounts. Any password used by a MICROS representative for any account should also be changed, as recommended by the company.
According to a communication sent to MICROS customers, the threat has been addressed and Oracle's corporate network and other cloud and service offerings were not affected by the malicious code found in the point-of-sale systems.
"Payment card data is encrypted both at rest and in transit in the MICROS hosted environment," Oracle added.
An investigation is underway to determine the size and scope of the data breach and when the hackers were able to first gain access to the MICROS system.
According to sources, however, Oracle originally thought of the breach to be limited to a small number of servers and computers at its retail division. But when new security tools were applied to the systems in the affected network, investigators realized that more than 700 systems have been infected.
Krebs started looking into the data breach after one of his readers sent in an email saying they had heard about a potentially massive breach in Oracle's retail unit. According to the reader, who is also a MICROS customer, they were first informed that the breach was limited to staff members, meaning customers were not affected.
Unfortunately, that wasn't the case.
Given MICROS POS systems are used by retailers all over the world, its data breach could help explain the many cyberattacks that have plagued POS systems in recent months. According to a Gartner analyst, if a retailer was hacked and they happened to be a MICROS customer, then the data breach is likely to be the cause.
Oracle acquired MICROS in 2014 for $5.3 billion. MICROS POS systems are used by companies like the hotels Hyatt, Marriott and Hilton; Starbucks; Burger King; Ikea and Adidas.
Photo: Johan Viirok | Flickr