The breach involves malware placed on a MICROS support portal that gave attackers the ability to capture user user names and passwords as they logged in. The scope of the attack is still being investigated, but it s believed that as many as 700 systems could be impacted. The malware is believed to be communicating with servers known to be used by the Russia-based Carbanak gang, which has been behind more than 100 breaches at banks in 30 countries, totaling an estimated $1 billion in losses.
Source: https://threatpost.com/breach-forces-password-change-on-oracle-micros-pos-customers/119754/