Today in news for a data breach in its retail division – MICROS systems – is the American software multinational Oracle.
Advertisement
Krebs said that Oracle may be concerned that the hacker group responsible for the breach installed malware on the support portal in an effort to scrape usernames and passwords as they were entered.
Carbanak is believed to have stolen more than $1bn from banks, retailers and other companies in recent years – which isn’t the kind of criminal activity likely to go unnoticed by Russia’s establishment, indicating a degree of official complicity in their activities at some level. The breach investigation appears to have begun in mid-July, Krebs said. According to the letter, payment card data was encrypted “both at rest and in transit” in the Micros system. It has confirmed that it was breached and is now investigating the same.
MICROS is one of the top three point-of-sale solutions globally. The company is also requiring that all Micros customers change their passwords for all Micros accounts.
Oracle purchased MICROS in 2014 for more than billion.
It also said it had implemented additional security measures to prevent a recurrence. Krebs reports a mandatory password reset is happening for support accounts on the MICROS portal and an e-mail to customers is in progress.
There is a concern that the intruders may get into someone’s else’s database as heavyweights like Burger King, Adidas, as well as Hilton are also using Micros’ payment system.
“This [incident] could explain a lot about the source of some of these retail and merchant point-of-sale hacks that nobody has been able to definitively tie to any one point-of-sale services provider”, Litan said. If the hackers intercepted point-of-sale information, they would gain access to customer names and card numbers but presumably not any other information, although that can’t be positively determined until more is known about the breach.
Advertisement
The incident was first picked up by computer security expert Brian Krebs, who contacted Oracle for comment.
