<\/p>\n
\nThe risks associated with data breaches continue to grow, impacting a variety of industries, tech firms, and social networking platforms. In the past few months, over 1 Billion credentials were dumped online as a result of mega breaches in popular social networks.\n<\/p>\n
\nNow, Oracle is the latest in the list.\n<\/p>\n
\nOracle has confirmed that its <\/p>\n
MICROS<\/b><\/p>\n
division \u2013 which is one of the world’s top three point-of-sale (POS) services the company acquired in 2014 \u2013 has suffered a security breach.\n<\/p>\n
\nHackers had infected hundreds of computers at Oracle’s point-of-sale division, infiltrated the support portal used by customers, and potentially accessed sales registers all over the world.\n<\/p>\n
\nThe software giant came to know about the data breach after its staff discovered malicious code on the MICROS customer support portal and certain legacy MICROS systems. Hackers likely installed malware on the troubleshooting portal in order to capture customers’ credentials as they logged in.\n<\/p>\n
\nThese usernames and passwords can then be used to access their accounts and remotely control their MICROS point-of-sales terminals.\n<\/p>\n
\nIn a brief letter sent to MICROS customers, Oracle told businesses to change their MICROS account passwords for the MICROS online support site \u2013 particularly passwords that are used by MICROS staff to control on-site payment terminals remotely.\n<\/p>\n
\n“Oracle Security has detected and addressed malicious code in certain legacy MICROS systems,” said the company. “Oracle’s Corporate network and other cloud and service offerings were not impacted by this code.”\u00a0<\/p><\/blockquote>\n
\n“Payment card data is encrypted both at rest and in transit in the MICROS hosted environment\u2026 Consistent with standard security remediation protocols, Oracle [requires] MICROS customers to change the passwords for all MICROS accounts.”<\/p><\/blockquote>\n
\nCiting unknown sources, security news site KrebsOnSecurity, <\/p>\n
reported<\/a><\/p>\n
that the attack possibly came from a Russian crime gang, dubbed <\/p>\n
Carbanak Gang<\/b><\/p>\n
, that has been accused of stealing more than $1 Billion from banks and retailer stores in past hacks.<\/p>\n
\nThe scope of the data breach is still unknown, but anonymous sources familiar with the breach have told Krebs that the hack may have affected up to 700 systems.\n<\/p>\n
\nSince customers payment data is encrypted both at rest and in transit, Oracle said that this information is not at risk.\n<\/p>\n
\nOracle acquired MICROS in 2014 in a $5 Billion acquisition deal. Currently, MICROS devices are deployed at over 330,000 point-of-sale terminals (or cash registers) at food and beverage outlets, retail stores, and hotels across 180 countries.\n<\/p>\n
\nThe software giant is still investigating the security breach at its payment terminal division.\n<\/p>\n
\nOver the past few years, the security breach has hit POS terminals \u2013 or “cash registers” \u2013 operated by a large number of retailers, food chains, hotels, and other types of merchants. Two of the best-known victims to be hit by POS malware are <\/p>\n
Target<\/a><\/p>\n
and <\/p>\n