August 23, 2016
Oracle Micros Point of Sale Customers Reset Your Passwords
Does your company rely on Oracle Systems’ Micros to handle point of sale transactions? If so, you should change your password immediately. The company has recently reported that a sophisticated Russian cybercrime syndicate has successfully breached their system, exposing the account information of more than 330,000 Micros users.
The potential impact to your business cannot be understated if you use the Micros point of sale system. If your account was one of the more than 330,000 compromised, then any credit card transaction processed by your system could potentially be at risk of being exposed to the hackers.
The company has tried to put a positive spin on things and reassure customers by stating that all customer credit card data is encrypted both while it is at rest and while it is in transit, but the fact remains that armed with your password, the hackers could still get access to the information. Once they have a copy, it’s only a matter of time before they can decrypt it.
This is an especially noteworthy breach, because Oracle is one of the top three POS vendors in the world. A successful hack here could have ripple effects that are felt on a global scale.
Initially reported as an internal matter that only impacted Oracle employees, further investigation has found that the breach has actually impacted more than 700 of Oracle’s systems, which represents a breach of significant depth. The impacted systems include Oracle’s Micros customer support portal, which had been completely compromised, and was sending data back to a server with known ties to the Russian group called the Carbanak Gang.
That breach has been sealed, but even so, if you use Micros, even if only occasionally, the best thing you can do is to change your password immediately.