Employees of Oracle have made users using massive point of scale system that cyber criminals are able to breach into the computers through the customer support. They can insert a certain code and then affect several retailers all around the globe. Brian Krebs was the first to make people aware of this breach.
According to Krebs, the size of the breach is still under investigation and it is still unknown as to where and how the hackers gained access to the oracle’s systems. This problem first began in late July and it was said that the breach only affected a few limited computers, however after new security was installed it was found out that more than 700 computers overall were affected due to the breach.
Oracle sent out an instructions email to call their customers regarding this breach so they were informed to change the MICRO passwords to all of their MICRO accounts. Passwords for accounts were also changed by those who previously may have accessed the server for some reason.
(Read more about: The differences between cloud inventory management software options)
Among the servers being affected, ticketing portal, which is oracles customer was also affected by this breach. Ticketing portal helps the customers of oracle if they have any troubleshooting problems related to the point of sale system. Krebs stated that the code that was inserted during the breach was found to be connected to one server where the information was sent back. Moreover this server was seen to have been connected with a known Russian criminal organization.
The letter written by oracle clearly states that its “corporate network and oracle’s other cloud and service offerings were not impacted by the code.” Similarly Oracle makes sure that the “payment cart data is encrypted both at rest and in transit in the MICROS hosted environment. The above statement as well as the need for changing the support passwords that is used by the supports staff of MICROS.
Due to this Krebs has stated that he believes how to area of concern regarding this huge cyber criminal breach is possibly the point of sale terminal. Avivah Litan is a security analyst who has told Brian Krebs that the attack on Oracle could explain how a few hacks related to retail and merchant point of sale could not possibly be tied or explained with the connection to any one point of sale services provider.
— Retargeting (@Retargeting_Biz) 16 de junio de 2017