Be alert, cash register credit card readers may be compromised by Oracle breach

oracle By Peter Kaminski via Flickr
Watch your credit card accounts. A major data breach at Oracle by a Russian organized cybercrime group may have compromised more than 330,000 Micros point-of-sale credit card payment readers worldwide, according to Krebs on Security. If that’s the case, data from cards swiped at those registers could be stolen and used on dummy cards to make high ticket purchases.

Update – Oracle’s Corporate Communications, Director of Industries Michael Diamond contacted Digital Trends with a copy of a letter send to Micros customers, emphasizing the following sentence,  “Payment card data is encrypted both at rest and in transit in the MICROS hosted environment.” When asked for clarification about point-of-sale card swipe devices and potential malware threats, Oracle declined to comment, stating that the customer letter is the company’s statement. So unanswered questions remain about past and present vulnerability.

Oracle’s Micros division is one of the top three point-of-sale system vendors in the world. KrebsonSecurity followed up in late July on a tip from an Oracle Micros customer. The customer had been informed by Oracle that a breach in its retail division likely affected only Oracle staff. On further investigation, according to KrebsonSecurity sources, Oracle found more than 700 impacted systems.

KrebsonSecurity’s Oracle sources, speaking without permission from their employer to speak on the record, revealed that the Micros customer support portal was compromised. This is a support system used by merchants who use the credit card payment system, not the merchant’s customers. The portal was communicating with a server associated with an infamous Russian group called the Carbanak Gang.

The experts said a single system spread the malware to other systems including a customer portal that helps Micros merchant customers troubleshoot problems. The malware stole the usernames and passwords of people logging in to the support portal.

Oracle told KrebsonSecurity it is forcing a password reset on Micros support accounts and telling them that, “We also recommend that you change the password for any account that was used by a Micros representative to access your on-premises systems.”

The issue with “on-premises systems” does potentially reach down to individual consumers who swipe their cards at cash registers, according to KrebsonSecurity. It the malware communicated with individual terminals it could potentially send card-stealing malware to the devices to capture credit card and account data. If that happened, the card data could be transferred into the wrong person’s hands, and that’s never good for you. Because Oracle will not answer further questions, we suggest you remain alert and check your credit card accounts regularly.

Updated by Bruce Brown 08-09-16: Updated after contacted by Oracle with a copy of the letter the company sent to Micros customers.

Computing

These are the worst passwords of 2018. Is yours on this list?

Do you use a bad password that makes your online accounts easy to break into? SplashData has compiled a list of the top 100 worst passwords for 2018 and there are quite a few listings that were carryovers from prior lists.
Mobile

How to switch from iPhone to Android: The ultimate guide

If you've decided to bridge the great tech divide and leave Apple's walled garden for the unknown shores of Android, then you'll find all the tips and advice you need to begin switching from an iPhone to an Android device.
Social Media

Instagram could be making a special type of account for influencers

Instagram influencers fall somewhere between a business profile and a typical Instagram, so the company is working on developing a type of account just for creators. The new account type would give creators more access to analytical data.
Gaming

Apple Mac users should take a bite out of these awesome games

Contrary to popular belief, there exists a bevy of popular A-list games compatible for Mac computers. Take a look at our picks for the best Mac games available for Apple fans.
Computing

Need a monitor for professional photo-editing? These are the very best

Looking for the best monitor for photo editing? You'll need to factor in brightness, color accuracy, color gamut support and more. Fortunately, we've rounded up the best ones for you, to help you make an educated purchase.
Computing

HDR monitors are beginning to have an impact. Here are the best you can buy

HDR isn't the most common of PC monitor features and is often charged at a premium, but the list of available options is growing. These are the best HDR monitors you can buy right now.
Computing

Canada’s winters inspired a startup to warm homes with cryptomining heat waste

Cryptomining may be the key to untold riches and the future of currency, but it’s also an environmental nightmare. Heatmine, thinks it has the answer, but it could mean bolting a mining rig onto every home and business in the country.
Computing

You’ll soon be able to scribble all over PDFs on your Chromebook

Chrome OS users may soon be able to doodle all over their PDF documents with the possible addition of a new feature in Chrome OS' PDF viewer. The annotation feature is expected to allow users to hand draw or write over their documents.
Virtual Reality

Oculus Rift vs. HTC Vive: Prices drop, but our favorite stays the same

The Oculus Rift and HTC Vive are the two big names in the virtual reality arena, but most people can only afford one. Our comparison tells you which is best when you pit the Oculus Rift vs. HTC Vive.
Computing

Microsoft’s Windows 95 throwback was just an ugly sweater giveaway

Microsoft's "softwear" announcement wasn't what we had hoped for. Thursday's announcement was not the new line of wearable tech or SkiFree monster sweater we wished for. But it did deliver the 90s nostalgia we wanted.
Home Theater

Confused about LED vs. LCD TVs? Here's everything you need to know

Our LED vs. LCD TV buying guide explains why these two common types of displays are fundamentally connected, how they differ, what to look for in buying an LED TV, and what's on the horizon for TVs.
Deals

The best MacBook deals for December 2018

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.
Computing

How to connect AirPods to your MacBook

If you have new AirPods, you may be looking forward to pairing them with your MacBook. Our guide will show you exactly how to connect AirPods to MacBook, what to do if they are already paired with a device, and more.
Computing

Hitting ‘Check for updates’ in Windows 10 opts you into beta releases

Users who are careful about keeping their system updated should watch out -- Microsoft revealed this week that clicking the Check for updates button in Windows can opt you in to testing beta code.