Skip to main content
  1. Home
  2. Computing
  3. News

Be alert, cash register credit card readers may be compromised by Oracle breach

By

oracle By Peter Kaminski via Flickr
Image used with permission by copyright holder
Watch your credit card accounts. A major data breach at Oracle by a Russian organized cybercrime group may have compromised more than 330,000 Micros point-of-sale credit card payment readers worldwide, according to Krebs on Security. If that’s the case, data from cards swiped at those registers could be stolen and used on dummy cards to make high ticket purchases.

Update – Oracle’s Corporate Communications, Director of Industries Michael Diamond contacted Digital Trends with a copy of a letter send to Micros customers, emphasizing the following sentence,  “Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.” When asked for clarification about point-of-sale card swipe devices and potential malware threats, Oracle declined to comment, stating that the customer letter is the company’s statement. So unanswered questions remain about past and present vulnerability.

Recommended Videos

Oracle’s Micros division is one of the top three point-of-sale system vendors in the world. KrebsonSecurity followed up in late July on a tip from an Oracle Micros customer. The customer had been informed by Oracle that a breach in its retail division likely affected only Oracle staff. On further investigation, according to KrebsonSecurity sources, Oracle found more than 700 impacted systems.

KrebsonSecurity’s Oracle sources, speaking without permission from their employer to speak on the record, revealed that the Micros customer support portal was compromised. This is a support system used by merchants who use the credit card payment system, not the merchant’s customers. The portal was communicating with a server associated with an infamous Russian group called the Carbanak Gang.

The experts said a single system spread the malware to other systems including a customer portal that helps Micros merchant customers troubleshoot problems. The malware stole the usernames and passwords of people logging in to the support portal.

Oracle told KrebsonSecurity it is forcing a password reset on Micros support accounts and telling them that, “We also recommend that you change the password for any account that was used by a Micros representative to access your on-premises systems.”

The issue with “on-premises systems” does potentially reach down to individual consumers who swipe their cards at cash registers, according to KrebsonSecurity. It the malware communicated with individual terminals it could potentially send card-stealing malware to the devices to capture credit card and account data. If that happened, the card data could be transferred into the wrong person’s hands, and that’s never good for you. Because Oracle will not answer further questions, we suggest you remain alert and check your credit card accounts regularly.

Updated by Bruce Brown 08-09-16: Updated after contacted by Oracle with a copy of the letter the company sent to Micros customers.

Editors' Recommendations

Topics
Bruce Brown
Bruce Brown
Contributing Editor
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
Best deal ever? Get 80% off PureVPN and an Uber Eats voucher
A close-up of a computer monitor displaying a generic VPN.

Everyone should sign up to a virtual private network, so if you're looking for VPN deals, here's one that you wouldn't want to miss -- two years plus three extra months of PureVPN's Max Plan at 80% off for just $4 per month, for a total of $108 for 27 months. That's $16 in savings per month for dependable online protection, and to top it off, you'll be getting an Uber Eats voucher worth up to $30. We're not sure how much time is remaining on this offer though, so if you're interested, you're going to have to sign up for the subscription immediately.

Why you should sign up for PureVPN Max Plan
A VPN is a necessity in this digital age because it will protect your data from being accessed by cybercriminals. It will also help you get around any geoblocking restrictions as you can have your device appear as if it's located in another part of the world. PureVPN is one of the best VPNs for these purposes, as it uses a global network of more than 6,500 servers that are located across dozens of countries.

Read more
Razer’s most boring product is also one of its best
The Razer Iskur V2 gaming chair in an office.

Razer isn't exactly known for subtlety. This is the company that released a Bane-like RGB face mask, a headset with haptic feedback, and most recently, a mouse pad that has RGB lighting from corner to corner. The Iskur V2 chair is an exercise in subtlety, however, and a change of pace that pays off for Razer in a big way.

There's nothing special about the Iskur V2 at first glance. It's a gaming chair fit with the usual racer-style back and some green trim to let you know it's a Razer product. But there are no motors promising immersive haptic feedback, and no RGB leaving you tethered to a wall outlet (yes, Razer has done both in a chair before). The Iskur V2 is just a well-designed, comfortable chair, and that's exactly why it's so impressive.
Out of the box

Read more
Best OLED monitor deals: Get an OLED screen from just $450
Marvel's Spider-Man running on the Samsung Odyssey OLED G8.

Up to a couple of years ago, OLED technology only really existed in OLED TVs and very-high-end monitors that cost thousands and thousands of dollars. Luckily, the prices have come down quite substantially, even on the best OLED monitors, especially as the market gets more saturated with options. That means that if you tend to use a monitor for the majority of your content consumption, such as gaming, then you can grab an OLED monitor for a great price and experience amazing visual fidelity and reproduction.

To that end, we've gone out and scoured all the major retailers and brands to find our favorite OLED monitor deals out there and compiled them below. That said, if you haven't quite found what you're looking for, or feel you aren't ready for an OLED monitor, be sure to check out some of these other great monitor deals.
LG UltraGear 27-inch gaming monitor -- $660, was $1,000

Read more