The Channel logo


By | Shaun Nichols 8th August 2016 22:57

Big Red alert: Oracle's MICROS payment terminal biz hacked

Shops, hotels worldwide warned after support portal pwned

Hackers infected hundreds of computers within Oracle, infiltrated the support portal for its MICROS payment terminals division, and potentially accessed sales registers all over the world.

The miscreants installed malware on the troubleshooting portal to capture customers' usernames and passwords as they logged in. These credentials can be used to access their accounts and remotely administer their MICROS point-of-sales (POS) terminals.

The ranks of MICROS customers are said to include a number of major retail chains as well as hotels, with systems installed in more than 330,000 sites in 180 countries. Whoever broke into the database giant's systems potentially had control over all those payment terminals, and clearly hit the jackpot.

In a memo sent this month to MICROS customers, businesses were told to reset their current and former MICROS account passwords – particularly any passwords used by MICROS staff to remotely control any on-site payment terminals.

"Oracle Security has detected and addressed malicious code in certain legacy MICROS systems," reads the letter from Big Red.

According to the warning note, while its MICROS division was ransacked by hackers, Oracle's corporate network and cloud systems were not compromised, and that people's payment card details are stored encrypted in transit and at rest – meaning, hopefully, whoever hacked the corporation didn't get at people's credit and debit card numbers.

Investigative journo Brian Krebs suspects the infiltration affected as many as 700 computers within Oracle and is the work of a Russian malware gang targeting POS systems.

Oracle acquired MICROS, which makes and supports retail and hotel sales terminals, in 2014 in a $5bn acquisition deal. Oracle is still probing the security breach at its payment terminal division.

POS terminals – or, as most of us just call them, "cash registers" – have emerged as the favorite target for many cybercriminal gangs looking for a cheap and easy way to capture huge quantities of payment cards.

By breaching a retailer's internal network and infecting the individual terminals with malware, criminals can collect millions of valid card numbers in a relatively short amount of time. The most notable example of this was the 2013 breach of Target that resulted in some 40 million customer payment cards and ended up costing the retailer hundreds of millions of dollars. ®

comment icon Read 18 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe