Skip to main content
  1. Home
  2. Computing
  3. News

Be alert, cash register credit card readers may be compromised by Oracle breach

By

oracle By Peter Kaminski via Flickr
Image used with permission by copyright holder
Watch your credit card accounts. A major data breach at Oracle by a Russian organized cybercrime group may have compromised more than 330,000 Micros point-of-sale credit card payment readers worldwide, according to Krebs on Security. If that’s the case, data from cards swiped at those registers could be stolen and used on dummy cards to make high ticket purchases.

Update – Oracle’s Corporate Communications, Director of Industries Michael Diamond contacted Digital Trends with a copy of a letter send to Micros customers, emphasizing the following sentence,  “Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.” When asked for clarification about point-of-sale card swipe devices and potential malware threats, Oracle declined to comment, stating that the customer letter is the company’s statement. So unanswered questions remain about past and present vulnerability.

Recommended Videos

Oracle’s Micros division is one of the top three point-of-sale system vendors in the world. KrebsonSecurity followed up in late July on a tip from an Oracle Micros customer. The customer had been informed by Oracle that a breach in its retail division likely affected only Oracle staff. On further investigation, according to KrebsonSecurity sources, Oracle found more than 700 impacted systems.

KrebsonSecurity’s Oracle sources, speaking without permission from their employer to speak on the record, revealed that the Micros customer support portal was compromised. This is a support system used by merchants who use the credit card payment system, not the merchant’s customers. The portal was communicating with a server associated with an infamous Russian group called the Carbanak Gang.

The experts said a single system spread the malware to other systems including a customer portal that helps Micros merchant customers troubleshoot problems. The malware stole the usernames and passwords of people logging in to the support portal.

Oracle told KrebsonSecurity it is forcing a password reset on Micros support accounts and telling them that, “We also recommend that you change the password for any account that was used by a Micros representative to access your on-premises systems.”

The issue with “on-premises systems” does potentially reach down to individual consumers who swipe their cards at cash registers, according to KrebsonSecurity. It the malware communicated with individual terminals it could potentially send card-stealing malware to the devices to capture credit card and account data. If that happened, the card data could be transferred into the wrong person’s hands, and that’s never good for you. Because Oracle will not answer further questions, we suggest you remain alert and check your credit card accounts regularly.

Updated by Bruce Brown 08-09-16: Updated after contacted by Oracle with a copy of the letter the company sent to Micros customers.

Editors’ Recommendations

Topics
Bruce Brown
Bruce Brown
Contributing Editor
Bruce Brown Contributing Editor   As a Contributing Editor to the Auto teams at Digital Trends and TheManual.com, Bruce…
This Lenovo ThinkPad is almost $1,800 off today!
A press photo of the ThinkPad X1 Carbon Gen 11.

One of the best laptops for a busy computer-heavy workplace is the Lenovo ThinkPad. For years, this tried and true laptop and 2-in-1 has delivered a fast and reliable Windows experience to many a 9 to 5 go-getter. Processor speed and power evolve year over year, and new features are added to these laptops all the time. This also means you’ll be able to find discounts on older machines, which is precisely what we came across while scouring through Lenovo ThinkPad deals:

Right now, as part of Lenovo’s doorbuster sale, you’ll save $1,800 on the purchase of a brand-new Lenovo ThinkPad X1 Carbon Gen 11 when you order through Lenovo.

Read more
Runway brings precise camera controls to AI videos
Gen-3 alpha advanced camera controls

Content creators will have more control over the look and feel of their AI-generated videos thanks to a new feature set coming to Runway's Gen-3 Alpha model.

Advanced Camera Control is rolling out on Gen-3 Alpha Turbo starting today, the company announced via a post on X (formerly Twitter).

Read more
Score the Dell XPS 15 for less than $1,000 during this sale
Dell XPS 15 9520 front view showing display and keyboard deck.

If you’ve been looking for laptop deals but feel disappointed with the results of your research, we know the pain. Searching for a new PC can take months, especially if you’ve got the time and energy to vet through numerous brands and models. Fortunately, there are a few tried and true PC names, one of which happens to be Dell. We see Dell laptop deals pretty regularly, but this one stopped us in our tracks:

Right now, when you order the Dell XPS 15 Laptop through the manufacturer, you’ll save $300. At full price, this model sells for $1,300.

Read more