Oracle MICROS Hackers Infiltrate Five More Cash Register Companies
“Hackers have breached at least five cash-register providers that supply hundreds of thousands of businesses in the United States, FORBES has been told. After investigative reporter Brian Krebs reported a compromise of Oracle’s MICROS unit earlier this week, it now appears the same allegedly Russian cybercrime gang has hit five others in the last month: Cin7, ECRS, Navy Zebra, PAR Technology and Uniwell. Together, they supply as many as, if not more than, 1 million point-of-sale systems globally.
The hackers’ normal modus operandi was simple: first find weaknesses in point-of-sale (PoS) system vendors’ servers and hack them. (PoS systems, whether cash registers or otherwise, store and process customers’ credit card data). From there, they attempted to steal passwords of retail customers either during or after they logged in. They could then try to gain remote access into the retailers’ PoS computer, which would likely hold troves of shoppers’ credit-card information.”