Oracle is said to be investigating a data breach of its Micros division.
Security journalist Brian Krebs, who first covered the story, said that hackers had compromised hundreds of systems at the software giant’s point-of-sale division, and broken into a support portal used by customers of the devices.
Krebs said that Oracle had acknowledged the break-in, saying it had “detected and addressed malicious code in certain legacy Micros systems,” but added that Oracle’s own systems, corporate network, and other cloud and service offers were not impacted.
Users should change their support portal and terminal passwords immediately, as Oracle is said to be concerned that the hacker group responsible for the breach installed malware to scrape usernames and passwords, which could be used to remotely administer and access point-of-sale devices located in customers’ retail outlets.
Krebs reported that the company said that payment data isn’t at risk, as that information is encrypted both at rest and in transit.
Micros devices are currently deployed at over 330,000 sites across 180 countries,
Point-of-sale devices are increasingly a target for hackers. In recent months, dozens of machines at Starwood and Hilton hotels were impacted by malware, with the aim of poaching payment and card data, which can be used or sold on to the highest bidder.
A spokesperson for Oracle did not immediately respond to a request for comment.