Oracle detected malicious code in certain payment systems used in hospitality and retail, the company said.
Details were first reported by cybersecurity writer Brian Krebs on Monday.
All customers of Micros, known for cloud-based tablet and mobile payments for food, beverages and hotels, are being asked to reset their passwords for an online support portal after Oracle found the malicious code in legacy systems, Krebs wrote on his website, KrebsOnSecurity. Oracle's other cloud and corporate offerings were not affected, and the credit-card data is encrypted, Oracle told CNBC.
"To prevent a recurrence, Oracle implemented additional security measures for the legacy MICROS systems," Oracle said in a letter to customers given to CNBC. Oracle did not respond to Krebs' direct question about the breach, he said.
It's not clear how widespread the hack is and how the attackers gained access to Oracle systems, Krebs reported. But two unnamed sources told Krebs that the hack could be tied to Russian cybercriminals. The sources told Krebs that Micros' customer-support portal was seen communicating with a server known to be used by the Carbanak gang, which has been tied to one of the biggest banking breaches ever known.