Russian Gang Suspected of Hacking Oracle's POS System


Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves.

Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month.

More than 330,000 cash registers worldwide use MICROS, which ranks as one the world's three largest POS systems.

Oracle has alerted its customers about the intrusion, a spokesperson confirmed, but the company declined to release any further details.

"We are aware of the reported breach of Oracle's legacy MICROS systems," Marriott Hotels said in a statement provided to the E-Commerce Times by spokesperson Jeff Flaherty. "We are working closely with Oracle to better understand the situation and whether or not there may be any impact to our guests."

Oracle told customers that it had addressed the malicious code found in the MICROS system, according to the Krebs report. The company forced a password reset on all support accounts.

There recently has been an increase in incidents linked to retail and hospitality, noted Kevin O'Brien, president of GreatHorn.

Although he did not have any direct insight, he suspected that certain breaches might have been linked to the MICROS hack.

"We do have clients that are in related spaces and verticals that have reached out to us over the past few days," O'Brien told E-Commerce Times.

Those incidents were related to credit card information and credentials, he said, declining to be more specific.

The Oracle breach may have been connected to Russian cyberthieves known as the "Carbanak gang," according to the Krebs report, which cites two security experts who were briefed on the investigation but asked not to be identified.

The Carbanak gang has been linked to previous hacks targeting financial institutions, which used malware hidden in spearphishing emails to access bank accounts. Some attacks targeted ATMs. Estimates of the gang's take from its activities range to US$1 billion.

Malware from the MalumPOS family also targeted systems running the Oracle POS platform, TrendLabs reported earlier this year.

MalumPOS is written in the Delphi language and can scrape memory contents of targeted processes, the firm noted.

Although Oracle's MICROS system is prevalent in the hospitality industry, it also is used by a wide variety of retail companies, according to Paula Rosenblum, managing partner at RSR Research.

"Of course it's an important system, but we have no idea what -- if any -- data was stolen," she told the E-Commerce Times. "I would suspect if there was a significant theft anywhere, we would have heard about it."

Eighteen major chains, as well as many smaller independent properties, use the MICROS POS system to process transactions at hotels and hotel restaurants, observed Henry Harteveldt, travel industry analyst at Atmosphere Research.

"Basically it is the cash register for the entire hotel," he told the E-Commerce Times, explaining that the system is used for room allocations, and when reservations are made through the local properties as opposed to national reservations lines. MICROS also processes transactions at gift shops, room service, and tennis and golf shops, along with other concessions at hotel properties.

Oracle acquired MICROS Systems in 2014 in a deal valued at $5.3 billion.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    Google has a New "VR-ish" App for You to Try Out

    Google’s Android Experiments program has a new app for you to play with today, called Sprayscape.The app is a “VR-ish” experience mixed with a spray can, some gyroscope action, and your imagination.
  • 5300c769af79e

    Stay Buzzed All Month With This Smart Wine Bottle

    Winos, rejoice: Kuvée has a new smart-home product just for you: a wine bottle that keeps your drink fresh for 30 days.Just insert the included wine canister into the bottom of the smart bottle and pour.
  • 5300c769af79e

    Facebook to Use AI to Describe Photos to Blind Users

    Previously, the social network announced only the name of the person who posted the photo on Facebook, followed by the term "photo.In November, the Facebook AI Research (FAIR) team achieved "new milestones," including a "state-of-the-art system that segments, or distinguishes between, objects in a photo" 30 percent faster and using 10 times less training data than previous industry benchmarks.
  • 5300c769af79e

    Report: Galaxy S8 Active Headed to AT&T, Naturally

    To the surprise of no one, AT&T is reported to be the exclusive carrier for the Galaxy S8 Active, an upcoming device from Samsung that will almost certainly take the gorgeous piece of work that is the Galaxy S8, then ruggedize it and make it look absolutely terrible.Like all prior Active variants of the Galaxy S lineup, Samsung will probably cover the device in hard plastic, providing a high-end option for those who need lots of protection for the device.