Oracle is warning users of its Micros POS payments technology of a data breach which saw malicious code installed on its systems.
The software giant is sending letters to Micros customers asking them to change their passwords after finding the malicious code but says that all payment data were encrypted.
The Micros platform - acquired by Oracle for $5.3 billion in 2014 - is used on 330,000 sites worldwide, mostly in the US and in the hospitality, food and beverage, and retail industries.
Security blogger Brian Krebs, who first reported the breach, says that the attackers "appear" to be Russian cybergang members who breached hundreds of Oracle computer systems and compromised a customer support portal for Micros users.
Citing security experts briefed on the breach, Krebs says that Portal was seen communicating with a server known to be used by the Carbanak cybergang.
Last year security outfit Trend Micro warned that cyber-criminals were using a new strain of malware to target point-of-sales system running on Oracle Micros.