loader gif

Attackers breached PCM to steal client information and conduct gift card fraud

Attackers breached PCM to steal client information and conduct gift card fraud
  • The attackers managed to gain access by stealing the administrative credentials that PCM uses to manage client accounts within Office 365.
  • A security expert at a PCM customer said that the attackers prime motive is to steal client information that could be used to conduct gift card fraud at various retailers and financial institutions.

What is the issue?

Attackers stole Office 365 credentials from tech provider PCM to gain access to client data that could be used to conduct a gift fraud scam.

What happened?

PCM became aware of unusual activity during mid-May 2019. According to the tech solutions provider, attackers gained access to the client’s email and file sharing services, Office 365. The attackers managed to gain access by stealing the administrative credentials that PCM uses to manage client accounts within Office 365.

“We recently experienced a cyber incident that impacted certain of its systems,” PCM told KrebsOnSecurity in a statement.

What is the impact?

  • Upon discovery, PCM launched an investigation and found out that the incident has impacted very limited customers.
  • The tech provider confirmed that the incident has been remediated and the potentially impacted customers have been notified about the breach.

“From its investigation, impact to its systems was limited and the matter has been remediated. The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had,” PCM said.

What is the reason behind the hack?

A security expert at a PCM customer said that the attackers prime motive is to steal client information that could be used to conduct gift card fraud at various retailers and financial institutions.

It is to be noted that attackers breached Wipro employee accounts and IT systems last month in order to steal client info and use it for gift card fraud. However, it is unclear whether PCM was a follow-on victim from the Wipro breach, or if it was targeted separately.

loader gif