Hackers breached the infrastructure of PCM Inc., one of the major U
In 2018 PCM generated roughly $2.2 billion in revenue with more than 2,000 customers.
“Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based file and email sharing service run by Microsoft Corp.” reported Krebs.
The attack appears to be financially motivated, attackers appeared primarily interested in stealing data that could be used in gift card fraud scheme.
Krebs speculates that intruders could be the same that hacked the Indian IT outsourcing giant Wipro Ltd. this year. According to RiskIQ, the group that hacked Wipro has been active since at least 2016, it was focused on targeting gift card providers.
It’s unclear whether PCM was attacked separately or is the attacks are linked. The company attempted to downplay the incident declaring that only a small portion of PCM customers was impacted.
“From its investigation, impact to its systems was limited and the matter has been remediated,” PCM told Krebs. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had.”
Recently, PCM announced it is going to acquired by global IT provider Insight Enterprises, let’s see if this incident could influence the final economic evaluation of the acquisition.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.