Russia hits Again: Victims are Micros Point of Sale machines sold by Oracle
Micros Point of Sale (PoS) machines have been hit by a group of Russian hackers famous for infiltrating banks, and other retailers, KrebsOnSecurity reports.
According to the report, the hackers might have gained access to a customer support portal at Oracle’s Micros PoS credit card systems. Micros is among the top three largest PoS vendors in the globe and has over 333,000 customers worldwide. Oracle acquired Micros for $5.3 billion in 2014.
Oracle was quick to acknowledge that it noticed a data breach when asked to comment on the issue. The company said that it issued an advisory to all retail customers to change their passwords. Oracle stated that it “addressed the malicious code in some legacy Micros Systems.”
At the moment, the scope of the data breach and its consequences are not clear. Furthermore, there is no proof indicating that the attackers first gained access to the Oracle’s servers and systems. A reliable source indicates that Oracle first presumed the breach affected a small number of systems in the retail section before later realizing that the breach affected more than 700 systems.
There are several ways the breach could have been initiated. The breach could have started from a single infected system inside the Oracle systems that then infected other systems. Among the infected systems was the ‘ticketing portal’ that Oracle uses to help remote troubleshooting of Micros PoS. KrebsOnSecurity’s sources within Oracle confirmed that the attackers put malicious code in the customer support portal. The attackers, therefore, had access to customers names and passwords when the customers logged into the support website.
Oracle seems to take the breach lightly. Oracle said that “the payment card data is heavily encrypted whether it is at rest or in transit to Micros servers.” Oracle was not keen to answer any questions regarding the breach. However, they pointed out that the breach did not affect any other cloud-related service offered by Oracle.
Carbanak, the hacking gang behind the breach, involvement should worry Oracle. The gang hardly fails to accomplish its goals. Therefore, the gang probably got what it was after, and it is only a matter of time before customers complain of payment card data irregularities.
The point of Sale machines are attractive targets for many hackers nowadays. PoS malware has resulted in massive credit and debit cards breaches in the recent past. Such malware allows a hacker to access all card data of any card swiped on an infected PoS.