Russian cybercriminals have infiltrated systems at Micros, an Oracle division that is one of the world’s biggest vendors of point of sale payment systems for shops and restaurants, according to an influential security blogger.The hack has affected 700 computer systems at Micros and is thought to have begun with infiltration on a single machine at the company, said Brian Krebs on his Krebs on Security blog on Monday.The incident is worrying for the potential size of the hack and the systems affected. Oracle acquired Micros in 2014, when it said Micros systems are used in more than 330,000 sites in 180 countries.It’s also somewhat embarrassing for Oracle, which heavily markets the security of its products. Oracle said it had notified Micros customers.In an undated letter shared with IDG News Service, the company said it had “detected and addressed malicious code in certain legacy Micros systems.” The letter said payment card data is encrypted “both at rest and in transit” in the Micros system. Oracle said it has “implemented additional security measures” to prevent a recurrence, but it did not describe what they are. It is requiring all Micros customers to change their passwords and the password for any account used by a Micros representative to access the payment system.Krebs quoted two researchers briefed on the investigation who said Oracle’s customer support portal was monitored communicating with a server run by the “Carbanak Gang,” a Russian cybercrime syndicate.Restaurants, hotels and department stores have been prime targets for point of sale system hacks in the last two years. Many have had their systems infiltrated, often by attacks on system administration accounts and passwords used for remote access. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe