What is the issue?
Attackers stole Office 365 credentials from tech provider PCM to gain access to client data that could be used to conduct a gift fraud scam.
PCM became aware of unusual activity during mid-May 2019. According to the tech solutions provider, attackers gained access to the client’s email and file sharing services, Office 365. The attackers managed to gain access by stealing the administrative credentials that PCM uses to manage client accounts within Office 365.
“We recently experienced a cyber incident that impacted certain of its systems,” PCM told KrebsOnSecurity in a statement.
What is the impact?
“From its investigation, impact to its systems was limited and the matter has been remediated. The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had,” PCM said.
What is the reason behind the hack?
A security expert at a PCM customer said that the attackers prime motive is to steal client information that could be used to conduct gift card fraud at various retailers and financial institutions.
It is to be noted that attackers breached Wipro employee accounts and IT systems last month in order to steal client info and use it for gift card fraud. However, it is unclear whether PCM was a follow-on victim from the Wipro breach, or if it was targeted separately.