US business software colossus Oracle on Monday confirmed that hackers infected software in Micros credit card scanners used at hotels and restaurants around the world.
"Oracle Security has detected and addressed malicious code in certain legacy Micros systems," read a copy of a letter to customers obtained by AFP.
"Oracle is requiring Micros customers to change the passwords for all Micros accounts."
Oracle bought Micros two years ago in a deal valued at $5.3 billion. At the time of the acquisition, Micros technology was used in more than 330,000 restaurants, shops, and hotels in some 180 countries.
Oracle did not reveal the extent or severity of the attack, which computer assault news website KrebsOnSecurity.com attributed to a Russian organized crime group with a reputation for hacking banks and shops.
Oracle said in the letter that its internal systems and other cloud services were not breached, and that payment card data was encrypted both in transit and while being stored.
Heightened security measures have been put in place, according to California-base Oracle.