Russian hackers appear to have infiltrated up to 330,000 computer cash registers sold by Oracle
Kimberly White/Stringer/Getty Images
Oracle purchased the company that makes these systems, Micros, back in 2014 for $5.3 billion. Micros is known as one of the top three POS vendors in the world, Krebs reports, and when Oracle bought the company it said these systems were installed in over 330,000 places worldwide like restaurants, bars, retail sites, and hotels.
The breach appears to have happened from within Oracle's customer support systems. Krebs writes:
"Oracle's MICROS customer support portal was seen communicating with a server known to be used by the Carbanak Gang. Carbanak is part of a Russian cybercrime syndicate that is suspected of stealing more than $1 billion from banks, retailers and hospitality firms over the past several years."
Oracle has publicly acknowledged that a security issue has occurred, alerted its customers, and told them to change their passwords.
It's unclear if customers of these retail and hotel establishments will be impacted. Oracle says that credit card data is encrypted, so even if the hackers stole the credit card info, they may not be able to unencrypt it and use it.
Oracle also says that its own internal network was not breached, nor was the cloud computing services that it offers to other customers.
Here's the statement Oracle sent to its customers:
"Oracle Security has detected and addressed malicious code in certain legacy MICROS systems. Oracle's Corporate network and Oracle's other cloud and service offerings were not impacted by this code. Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.
"To prevent a recurrence, Oracle implemented additional security measures for the legacy MICROS systems. Consistent with standard security remediation protocols, Oracle is requiring MICROS customers to change the passwords for all MICROS accounts.
"Information for customers on how to change your passwords has been published on My Oracle Support (Doc ID 2165744.1). We also recommend that you change the password for any account that was used by a MICROS representative to access your on-premises systems."
- Love in the time of elections: Do politics spice up or spoil dating in India?
- Samsung Galaxy S24 Plus review – the best smartphone in the S24 lineup
- Household savings dip over Rs 9 lakh cr in 3 years to Rs 14.16 lakh cr in 2022-23
- Misleading ads: SC says public figures must act with responsibility while endorsing products
- Here’s what falling inside a black hole would look like, according to a NASA supercomputer simulation
- Nothing Phone (2a) blue edition launched
- JNK India IPO allotment date
- JioCinema New Plans
- Realme Narzo 70 Launched
- Apple Let Loose event
- Elon Musk Apology
- RIL cash flows
- Charlie Munger
- Feedbank IPO allotment
- Tata IPO allotment
- Most generous retirement plans
- Broadcom lays off
- Cibil Score vs Cibil Report
- Birla and Bajaj in top Richest
- Nestle Sept 2023 report
- India Equity Market