Cloud service provider PCM hit in breach targeting Office 365 credentials

Cloud service provider PCM hit in breach targeting Office 365 credentials

A major US-based cloud services provider, PCM, fell victim to a digital intrusion that allowed hackers to access emails and customers’ file-sharing systems.

First reported by Brian Krebs on his website Krebs on Security, sources say that PCM discovered the breach in mid-May 2019. Attackers reportedly stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based email and file-sharing service run by Microsoft.

A statement from PCM has claimed that the incident did not impact all its customers and, if anything, the company claims an investigation has revealed “minimal to no impact”.

A security expert at a PCM customer who was recently notified of the incident said the intruders appeared interested in stealing information that could be used to conduct gift card fraud.

Gift cards have emerged as a preferred target for cybercriminals in recent years as they are considerably easier to resell for cash versus purchasing actual items with stolen credit card credentials. Gift cards have also proven a popular method to launder money. The financial worth of each individual transaction, while often small, can prove lucrative when committed in bulk, meaning that criminals can gain thousands in a relatively low-friction exchange while still evading the hawk eye of major law enforcement agencies.

Hackers in this instance used PCM as a jumping-off point to access company customers, similar to the modus operandi of the attackers behind the Wipro breach of April 2019. Just like the PCM attack, hackers in the Wipro event also used their access to perpetrate gift card fraud.

Operation Cloud Hopper, a hacking operation linked to the Chinese Ministry of State Security, similarly used IT and cloud services providers as a backdoor to access high-profile firms such as IBM, Sabre, Ericsson and Hewlett-Packard.

PCM is currently in the process of being acquired by Arizona-based technology company Insight Enterprises. The company has not, as of yet, responded to requests for comment on the acquisition in light of this recent news.

The post Cloud service provider PCM hit in breach targeting Office 365 credentials appeared first on Silicon Republic.

binary options europe