Breach, Data Security, Malware

Carbanak Gang likely behind Oracle MICROS customer service portal compromise

A breach of Oracle Corp. systems by Russian hackers has led to a compromise of the MICROS point-of-sale payment system customer support portal, prompting the company to urge customers to reset their passwords.

Oracle told KrebsOnSecurity that it “detected and addressed malicious code in certain legacy MICROS systems,” but the scope of the breach is as yet unknown. The security website quoted anonymous security researchers as pinning responsibility for the breach on the Carbanak Gang, a Russian crime organization known for pilfering money from banks and retailers as well as hospitality companies.The researchers said the MICROS portal had been observed interacting with a server used by the group.

“Although the full magnitude of the Oracle/MICROS breach is as yet undetermined, as MICROS is one of the top three global point-of-sale vendors with systems deployed at hundreds of thousands of food and beverage, retail and hotel operators throughout 180 countries, it is not unreasonable to assume that many point-of-sale systems have become points of sabotage for Russian cybercriminals,” Adam Levin, chairman and founder of IDT911 and the author of “Swiped,” said in comments emailed to SCMagazine.com. “While it is imperative that MICROS customers change all login credentials, it is also important for consumers to carefully check their credit and debit accounts often for any indication that their payment cards have been compromised.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.