August 9, 2016
Only days after Oracle acquired cloud-computing pioneer NetSuite to help bolster its e-commerce offerings, the company has fallen victim to Russian cybercriminals who have infiltrated its retail customers through its MICROS point-of-sale systems, according to published reports. Security reporter Brian Krebs first reported yesterday that MICROS, which Oracle acquired in 2014, has asked all of its customers to change their passwords because an online support portal had been hacked. Sources told Krebs that Oracle communicated to customers that it had “detected and addressed malicious code in certain legacy MICROS systems,” suggesting the vulnerability may have been in place prior to the 2014 acquisition.
While the extent of the breach is not clear, more than 330,000 points of sale around the world are equipped with MICROS technology. Experts suggested to Krebs that it’s “likely” hackers accessed the payment information remotely of some of these merchants and that a MICROS compromise could be the point of origination for several existing point-of-sale hacks authorities and merchants have not been able to explain. According to a new ThreatMetrix report , the number of cyber attacks in the second quarter of 2016 rose 50 percent from the same period a year ago.