Hackers breached the infrastructure of PCM Inc., one of the major U
In 2018 PCM generated roughly $2.2 billion in revenue with more than 2,000 customers.
“Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based file and email sharing service run by Microsoft Corp.” reported Krebs.
The attack appears to be financially motivated, attackers appeared primarily interested in stealing data that could be used in gift card fraud scheme.
Krebs speculates that intruders could be the same that hacked the Indian IT outsourcing giant Wipro Ltd. this year. According to RiskIQ, the group that hacked Wipro has been active since at least 2016, it was focused on targeting gift card providers.
It’s unclear whether PCM was attacked separately or is the attacks are linked. The company attempted to downplay the incident declaring that only a small portion of PCM customers was impacted.
“From its investigation, impact to its systems was limited and the matter has been remediated,” PCM told Krebs. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had.”
Recently, PCM announced it is going to acquired by global IT provider Insight Enterprises, let’s see if this incident could influence the final economic evaluation of the acquisition.