According to security experts, Russian hackers have breached more than 330,000 cash registers in fast food chains, retail stores, and hotels around the world. The target of the hacking was a network point-of-sale-systems manufactured by Micros, says security researcher Brian Krebs. Oracle, which acquired the Micros network point-of-sale-system in 2014, confirmed the attack with a statement saying the company ” had detected and addressed malicious code in certain legacy Micros systems.” The vulnerability occurred in the system Oracles uses to help customers remotely troubleshoot problems with point-of-sale devices, a Micros infrastructure. The company is unsure of the scale of the breach, but is working to determine the size of the problem that lies ahead. The time of the initial attack is also undetermined, as well as the scope of financial data that may have been stolen. An investigation into the breach did lead to a link between the micros support portal and a server known to be used by a Russian cybercrime group called the Carbanak group.
“This breach could be little more than a nasty malware outbreak at Oracle,” Krebs wrote. “However, the Carbanak Gang’s apparent involvement makes it unlikely the attackers somehow failed to grasp the enormity of access and power that control over the Micros support portal would grant them.” – Brian Krebs, Security Researcher
This is not the first time the company has been the hot seat for how they handle security incidents, in fall of 2015 Oracle settled out of court with the Federal Trade Commission over charges that Oracle had deceived customers about Java (owned by Oracle) platform security updates.
If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.zdnet.com