MICROS Data Breach Could Involve Russian Cybercriminals

Computer systems at MICROS, a division of Oracle, have suffered a data breach that also has compromised a customer support portal for its MICROS point-of-sale credit card payment systems, according to a report in KrebsOnSecurity.

Oracle, which purchased MICROS in 2014, has confirmed that it is investigating a breach at the POS division. In an email to ZDNet, the company said it had “detected and addressed malicious code in certain legacy MICROS systems,” but that Oracle’s own systems, corporate network, cloud and other services were not affected. The company also noted that payment card data is encrypted both at rest and transit in MICROS-hosted environments.

MICROS is among the top three POS vendors globally, with systems installed in more than 200,000 food and beverage outlets, 100,000+ retail sites and 30,000+ hotels. According to the Krebs report, Oracle is asking all MICROS customers to reset their passwords for the company’s online support portal.


The Krebs report cited security experts who have been briefed on the breach as saying the customer support portal was seen to be communicating with a server known to be used by the Carbanak Gang, part of a Russian cybercrime group suspected of stealing more than $1 billion from banks, retailers and hospitality companies over the past several years.

Recent data breaches, such as the 2014 hack of Home Depot and the 2013 Target compromise, have been attributed to malware affecting POS terminals in stores. The malware usually is installed via hacked remote administration tools. If these criminals have been able to compromise multiple MICROS customers via their infiltration of the vendor’s support portal, it’s possible this breach’s effect could be far more widespread than those inflicted on any individual retail company.

Featured Event

Join the retail community as we come together for three days of strategic sessions, meaningful off-site networking events and interactive learning experiences.



Access The Media Kit


Access Our Editorial Calendar

If you are downloading this on behalf of a client, please provide the company name and website information below: