Oracle MICROS - Point-of-sale system

Payment card (in)security and you

It’s not just another big guy getting caught with his (digital) pants down. The hacked systems include Oracle’s MICROS point-of-sale systems, which are in more than 180 companies and 330,000 cash registers around the world.

That is no small change.

Point-of-sale (POS) systems are the combination of hardware and software that takes care of all your bank account details when you slide your card into that little device at the check-out counter. The systems that we all assume are pretty close to fail-proof. Yes, those.

The scope of the Oracle intrusion is bigger than originally believed. Once thought to be limited to a few systems in their retail division, the hack is now known to include more than 700 systems – including the customer care portal at MICROS. And MICROS is one of the big three for point-of-sale systems globally.

The major suspect in the hack is the Carbanak Gang, a Russian group believed to have stolen more than $1 billion in the past couple of years. They are believed to have stolen from around 100 banks, retailers, and hospitality companies in 30 countries. The story was broken by KrebsOnSecurity.

Oracle is now trying to limit the damage by telling its MICROS customers to change their own passwords for the system and also to change any password that has been used by a MICROS employee who has serviced the systems onsite.

Point-of-sale malware has been behind many of the big credit card breaches of the recent past. The malware is typically installed via a hacked remote administration tool or installed directly by a fraudulent “employee”. Infected point-of-sale devices collect data from cards as they are used at the cash register, then relay the info back to the cybercriminals. The cybercriminals monetize the data by making their own magnetic cards and using them to buy gift cards and goods with the stolen account information.

Consumers pay if they don’t catch the fraudulent use of their bank details.

Security investigators usually uncover a data breach after noticing a pattern of fraudulent activity that centers around a particular retail chain or geographic area – and digging into any potential correlation in the individual events. But, it’s not always possible for them to find such a link.
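The correlation step described above can be sketched as a "common point of purchase" check. This is an added example, not part of the original post; the merchant names, card IDs and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (not real): (card_id, merchant) purchase history.
PURCHASES = (
    [(f"c{i}", "GroceryCo") for i in range(1, 11)]      # every card shops here
    + [(f"c{i}", "HotelChainA") for i in range(1, 6)]   # only cards c1..c5
    + [(c, "FuelStop") for c in ("c1", "c6", "c7")]
)


def common_points(purchases, fraud_cards, min_cards=3, min_lift=2.0):
    """Rank merchants that are over-represented among cards with reported fraud.

    lift = (share of fraud cards seen at merchant) / (share of all cards seen there).
    A merchant everyone uses has lift near 1 and is not a useful lead.
    The thresholds are illustrative assumptions, not industry values.
    """
    cards_at = defaultdict(set)
    all_cards = set()
    for card, merchant in purchases:
        cards_at[merchant].add(card)
        all_cards.add(card)

    fraud_seen = set(fraud_cards) & all_cards
    if not fraud_seen:
        return []  # nothing to correlate

    leads = []
    for merchant, cards in cards_at.items():
        hit = cards & fraud_seen
        if len(hit) < min_cards:
            continue  # too few fraud cards to call it a pattern
        fraud_rate = len(hit) / len(fraud_seen)
        base_rate = len(cards) / len(all_cards)
        lift = fraud_rate / base_rate
        if lift >= min_lift:
            leads.append((merchant, len(hit), round(lift, 2)))
    # Strongest lead first; ties broken by name for stable output.
    return sorted(leads, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    # Fraud reports cluster on cards that all visited one merchant.
    print(common_points(PURCHASES, {"c1", "c2", "c3", "c4"}))
    # Fraud reports with no shared merchant beyond the one everybody uses.
    print(common_points(PURCHASES, {"c1", "c6", "c9"}))
```

The second call returns an empty list, which is the case where no link can be found from purchase history alone.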

The search for a missing link, cybercriminal not evolutionary, brings us back to you, the consumer. Do check your bank account for suspicious activity. The sooner you spot it and call the bank about it, the sooner the criminal activity can be stopped and identified.

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.