Skip to main content
  1. Home
  2. Computing
  3. News

Be alert, cash register credit card readers may be compromised by Oracle breach

Bruce Brown
By

oracle By Peter Kaminski via Flickr
Image used with permission by copyright holder
Watch your credit card accounts. A major data breach at Oracle by a Russian organized cybercrime group may have compromised more than 330,000 Micros point-of-sale credit card payment readers worldwide, according to Krebs on Security. If that’s the case, data from cards swiped at those registers could be stolen and used on dummy cards to make high ticket purchases.

Update – Oracle’s Corporate Communications, Director of Industries Michael Diamond contacted Digital Trends with a copy of a letter send to Micros customers, emphasizing the following sentence,  “Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.” When asked for clarification about point-of-sale card swipe devices and potential malware threats, Oracle declined to comment, stating that the customer letter is the company’s statement. So unanswered questions remain about past and present vulnerability.

Recommended Videos

Oracle’s Micros division is one of the top three point-of-sale system vendors in the world. KrebsonSecurity followed up in late July on a tip from an Oracle Micros customer. The customer had been informed by Oracle that a breach in its retail division likely affected only Oracle staff. On further investigation, according to KrebsonSecurity sources, Oracle found more than 700 impacted systems.

KrebsonSecurity’s Oracle sources, speaking without permission from their employer to speak on the record, revealed that the Micros customer support portal was compromised. This is a support system used by merchants who use the credit card payment system, not the merchant’s customers. The portal was communicating with a server associated with an infamous Russian group called the Carbanak Gang.

The experts said a single system spread the malware to other systems including a customer portal that helps Micros merchant customers troubleshoot problems. The malware stole the usernames and passwords of people logging in to the support portal.

Oracle told KrebsonSecurity it is forcing a password reset on Micros support accounts and telling them that, “We also recommend that you change the password for any account that was used by a Micros representative to access your on-premises systems.”

The issue with “on-premises systems” does potentially reach down to individual consumers who swipe their cards at cash registers, according to KrebsonSecurity. It the malware communicated with individual terminals it could potentially send card-stealing malware to the devices to capture credit card and account data. If that happened, the card data could be transferred into the wrong person’s hands, and that’s never good for you. Because Oracle will not answer further questions, we suggest you remain alert and check your credit card accounts regularly.

Updated by Bruce Brown 08-09-16: Updated after contacted by Oracle with a copy of the letter the company sent to Micros customers.

Editors' Recommendations

Topics
Bruce Brown
Bruce Brown
Contributing Editor
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
The XPS 16 is fighting an uphill battle against the MacBook Pro
Dell XPS 16 sitting on desktop with flowers.

It took a few years, but Dell finally updated the design of its two largest XPS laptops. The XPS 15 gave way to the XPS 14, while the XPS 17 was replaced by the XPS 16. The latter gained the ultramodern look of the XPS 13 Plus, complete with a glass palm rest, a hidden haptic touchpad, and a row of LED function keys.

It's a significant update but places the XPS 16 in direct competition with the Apple MacBook Pro 16. That's an excellent matchup with proven performance and battery life and an elegant design that's solid, if a lot more conservative.
Specs and configurations

Read more
These 4K monitors are discounted at Best Buy — from $200
The Sony InZone M9 sitting next to a PlayStation 5.

A 4K monitor is a great way of enjoying an enhanced image as you work with more pixels, higher resolutions, and often better colors too. Over at Best Buy, there are some great monitor deals squarely focused on all things 4K. There are dozens of 4K monitors in the sale so the smart move is to hit the button below to see what’s there for yourself. If you want some help though, we’re here. We’ve picked out a few highlights in the sale so take a look for yourself.

What to shop for in the Best Buy 4K monitor sale
Samsung makes some of the best monitors around so why not start with the ? It’s currently reduced by $150 so it costs just $200. Its IPS panel looks great with AMD FreeSync support effectively eliminating screen tears and stutters. There’s also HDR support which brings with it some great looking colors while wide viewing angles mean it looks great from any perspective.

Read more
9 best processors for PC gaming: tested and reviewed
The AMD Ryzen 9 7950X3D installed in a motherboard.

It's tough to find the right gaming CPU for your next PC. We've benchmarked dozens of processors to find the best CPU for gaming, and there's a clear winner right now: AMD's Ryzen 7 7800X3D. Although the latest chip from Team Red claims the crown, there are still several other great options on the market.

Whatever your needs and budgets, though, we have options from AMD and Intel that will be great performers. We're focused on gaming here, but if you want a processor that can game and get work done, make sure to check out our list of the best processors.

Read more