Oracle is in the process of investigating a data breach that affects customers of its MICROS point-of-sale systems.
The breach apparently hit the software giant sometime last month, and it involves the customer portal for MICROS users. Oracle, which purchased MICROS in 2014, has sent a letter to affected customers, warning them that the company is doing a forced password reset for all of the users of the portal. The company said in a statement that it had found malicious code in some legacy MICROS systems, according to a report on Krebs on Security.
MICROS is among the larger point-of-sale system vendors in the industry, and Oracle says that the company’s PoS products are deployed in more than 330,000 sites around the world. The MICROS systems mainly are used in the hospitality industry, and many hotels and restaurants are users of the PoS gear.
Right now, it does not appear that customer information was compromised in the breach, and that it was data from Oracle employees that’s affected. However, the scope of the breach isn’t yet clear. PoS systems have become frequent targets for attackers in many strata of the ecosystem, especially cybercrime groups who value the torrents of card data that flow through them. The past few years have seen an increase in large attacks on PoS systems, and there are now a number of different kinds of malware specifically designed for these systems, including Treasurehunt and CenterPOS.
Perhaps the most famous data breach to involve a PoS attack is the Target data breach, which included memory scraping malware infecting terminals at the company’s stores.