A group of Russian hackers have broken into Oracle’s Micros computer servers.

The Micros unit makes internet-connected tills that are used by hotels, restaurants and shops. Analysts believe that those responsible for the attack belong to a gang of organized Russian cybercriminals that have previously hacked banks and retailers, writes Gina Hall for Bizjournals.

Oracle Systems

Russian hackers implant malware in Micros systems

Hackers managed to implant malware into the Micros systems, gaining access to the usernames and passwords of customers who had used the Oracle support site. Clients have since been asked to change their login details.

While the customer support site was compromised, the cybercriminals also apparently gained access to over 700 different systems on the Oracle network. This means that the hackers could have been able to implant malware on clients’ servers, potentially enabling them to take credit card numbers from consumers.

The hackers would then have been able to sell the data to other criminals who encode magnetic stripe cards. These criminals then use the fake cards to buy gift cards at large retailers such as Wal-Mart and Target.

Oracle betting big on cloud-based services

Oracle says that “payment card data is encrypted both at rest and in transit in the MICROS hosted customer environments.” The company maintains that its cloud service and corporate network were not attacked.

However security experts believe that there is a high probability that the hackers managed to access credit card data.

“This [incident] could explain a lot about the source of some of these retail and merchant point-of-sale hacks that nobody has been able to definitively tie to any one point-of-sale services provider,” Gartner security analyst Avivah Litan told KrebsOnSecurity. “I’d say there’s a big chance that the hackers in this case found a way to get remote access” to Micros customers’ on-premises point-of-sale devices.

Oracle acquired Micros Systems in 2014 for a sum of $5.3 billion. The Micros software is in use at 330,000 customer sites, according to Oracle data.

While there is never a good time for a security breach, Oracle will be particularly upset about the damage to its reputation at a time when it is competing with Amazon and Google in the cloud-based services sector. This July Oracle spend $9 billion to acquire cloud-service company NetSuite.

Chairman Larry Ellison has also spent over $1 billion to acquire Opower, a cloud-based utility industry software business, and construction business software provider Textura.