Russian Gang Suspected of Hacking Oracle's POS System


Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves.

Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month.

More than 330,000 cash registers worldwide use MICROS, which ranks as one the world's three largest POS systems.

Oracle has alerted its customers about the intrusion, a spokesperson confirmed, but the company declined to release any further details.

"We are aware of the reported breach of Oracle's legacy MICROS systems," Marriott Hotels said in a statement provided to the E-Commerce Times by spokesperson Jeff Flaherty. "We are working closely with Oracle to better understand the situation and whether or not there may be any impact to our guests."

Oracle told customers that it had addressed the malicious code found in the MICROS system, according to the Krebs report. The company forced a password reset on all support accounts.

There recently has been an increase in incidents linked to retail and hospitality, noted Kevin O'Brien, president of GreatHorn.

Although he did not have any direct insight, he suspected that certain breaches might have been linked to the MICROS hack.

"We do have clients that are in related spaces and verticals that have reached out to us over the past few days," O'Brien told E-Commerce Times.

Those incidents were related to credit card information and credentials, he said, declining to be more specific.

The Oracle breach may have been connected to Russian cyberthieves known as the "Carbanak gang," according to the Krebs report, which cites two security experts who were briefed on the investigation but asked not to be identified.

The Carbanak gang has been linked to previous hacks targeting financial institutions, which used malware hidden in spearphishing emails to access bank accounts. Some attacks targeted ATMs. Estimates of the gang's take from its activities range to US$1 billion.

Malware from the MalumPOS family also targeted systems running the Oracle POS platform, TrendLabs reported earlier this year.

MalumPOS is written in the Delphi language and can scrape memory contents of targeted processes, the firm noted.

Although Oracle's MICROS system is prevalent in the hospitality industry, it also is used by a wide variety of retail companies, according to Paula Rosenblum, managing partner at RSR Research.

"Of course it's an important system, but we have no idea what -- if any -- data was stolen," she told the E-Commerce Times. "I would suspect if there was a significant theft anywhere, we would have heard about it."

Eighteen major chains, as well as many smaller independent properties, use the MICROS POS system to process transactions at hotels and hotel restaurants, observed Henry Harteveldt, travel industry analyst at Atmosphere Research.

"Basically it is the cash register for the entire hotel," he told the E-Commerce Times, explaining that the system is used for room allocations, and when reservations are made through the local properties as opposed to national reservations lines. MICROS also processes transactions at gift shops, room service, and tennis and golf shops, along with other concessions at hotel properties.

Oracle acquired MICROS Systems in 2014 in a deal valued at $5.3 billion.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    DEAL: Buy Unlocked US Galaxy S7 From Best Buy, Get a $75 Gift Card

    Should you have managed to hold off on buying the newly released US unlocked Galaxy S7 when it initially went live yesterday and are ready to pull the trigger today on payday, just hours before we step into a holiday weekend, we’ve got a decent deal for you.Best Buy is one of the few retailers in the US who has them in-stock, ready for pickup, so if you are considering buying from them, how does an additional $75 gift card with purchase sound?
  • 5300c769af79e

    Data Protection & the Insider Threat

    Download User and Entity Behavior Analytics has emerged as a critical part of a robust information security strategy, enabling the detection of threats that would otherwise go undetected.The barrage of data breaches and thefts caused by actual insiders, and by external actors impersonating insiders via compromised credentials, has led many to seek new approaches to increase their ability to protect sensitive data and intellectual property.
  • 5300c769af79e

    5 Ways to Guarantee Sales Will Hate Your CRM

    In many businesses, those weak links are the members of the sales team.It's as if the processes put in place to help sales understand the customer were designed to get in sales' way.
  • 5300c769af79e

    Harnessing Risk Data as a Strategic Business Solution

    Managing and leveraging better data should not only be looked at as a compliance issue but as a strategic business solution that can deliver pricing, analytical, risk and business model agility benefits.That’s prompted financial institutions to renew their focus on risk data aggregation and reporting (RDAR) solutions in order to collect and integrate trusted data more fully into their business.