Cloud Service Provider PCM Hit In Breach Targeting Office 365 Credentials

Prominent cloud services provider PCM has been hit in a cyberattack, reports Krebs on Security.

A major US-based cloud services provider, PCM, fell victim to a digital intrusion that allowed hackers to access emails and customers’ file-sharing systems.

First reported by Brian Krebs on his website Krebs on Security, sources say that PCM discovered the breach in mid-May 2019. Attackers reportedly stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based email and file-sharing service run by Microsoft.

A statement from PCM has claimed that the incident did not impact all its customers and, if anything, the company claims an investigation has revealed “minimal to no impact”.

A security expert at a PCM customer who was recently notified of the incident said the intruders appeared interested in stealing information that could be used to conduct gift card fraud.

Gift cards have emerged as a preferred target for cybercriminals in recent years as they are considerably easier to resell for cash versus purchasing actual items with stolen credit card credentials. Gift cards have also proven a popular method to launder money. The financial worth of each individual transaction, while often small, can prove lucrative when committed in bulk, meaning that criminals can gain thousands in a relatively low-friction exchange while still evading the hawk eye of major law enforcement agencies.

Hackers in this instance used PCM as a jumping-off point to access company customers, similar to the modus operandi of the attackers behind the Wipro breach of April 2019. Just like the PCM attack, hackers in the Wipro event also used their access to perpetrate gift card fraud.

Operation Cloud Hopper, a hacking operation linked to the Chinese Ministry of State Security, similarly used IT and cloud services providers as a backdoor to access high-profile firms such as IBM, Sabre, Ericsson and Hewlett-Packard.

PCM is currently in the process of being acquired by Arizona-based technology company Insight Enterprises. The company has not, as of yet, responded to requests for comment on the acquisition in light of this recent news.

RECENT NEWS

Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals

The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more

AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments

Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more

Technology Sector Fuels U.S. Economic Growth In Q2

The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more

Tech Start-Ups Advised To Guard Against Foreign Investment Risks

The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more

Global IT Outage Threatens To Cost Insurers Billions

Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more

Global IT Outage Disrupts Airlines, Financial Services, And Media Groups

On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.