Report: Security breach at Oracle’s Micros unit could affect consumers

Oracle’s computer servers have reportedly been hacked, but you and I might suffer some of the consequences.

The security breach affected the company’s Micros unit, which offers cash registers and credit card terminals to retailers, KrebsOnSecurity reported Monday. The attack compromised Micros’ customer support website among some 700 different systems inside Oracle’s network, according to the report.

During the breach, hackers implanted malware in Micros’ systems that gave them access to the user names and passwords of company’s customers who logged into the support site, KrebsOnSecurity reported. Oracle is requiring customers to reset their user names and passwords.

But there are indications that the breach could have more wide-ranging affects than just forcing some merchants to reset their passwords. According to Krebs’ sources, the customer service site communicated with a server associated with the Carbanak gang, a sophisticated Russian cybercrime group believed to have targeted and stolen money from banks in the past.

Oracle’s statement about the attack indicated the company may believe that the credentials used to log into its customer service portal could have been used by the Carbanak gang to place malware on customers’ servers. That could allow the group to steal the credit card numbers of people like you and me from Micros’ retail customers.

“I’d say there’s a big chance that the hackers in this case found a way to get remote access” to Micros’ customers’ credit card readers, Gartner security analyst Avivah Litan told KrebsOnSecurity.

You’ve probably had to replace your credit card in the last couple years thanks to the massive breaches at Target, Home Depot and the like. Don’t be surprised if this latest incident means you’ll have to replace it yet again.

File photo: Oracle sign outside Moscone Center during Oracle OpenWorld 2012 in San Francisco. (REUTERS/Stephen Lam)

 

Tags: , , , , ,

 

Share this Post



 
 
 
 
 
css.php