UPDATED 21:53 EST / JUNE 27 2019

SECURITY

Hackers steal Office 365 credentials from tech solutions provider PCM

Technology solutions provider PCM Inc. has been successfully hacked with credentials and data relating to clients stolen.

Detailed by Krebs on Security, the hack is said to have been detected in mid-May with those behind the attack able to gain access to client’s email and file sharing services. While better-known for its direct marketing of hardware, PCM is also a re-seller of cloud services, and the latter the is target of those behind the hack.

According to the report, the hackers stole administrative credentials that PCM uses to manage client accounts within Office 365. The intruders are said to have been primarily interested in stealing information that could be used to conduct gift card fraud at various retailers and financial institutions.

PCM confirmed the hack, calling it a “cyber incident that impacted certain of its systems” that affected a limited number of systems and had since been remediated. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers,” the company said.

Robert Prigge, president of identity verification firm Jumio Corp. told SiliconANGLE that having personal email hacked is one thing, but having the administrative credentials stolen from PCM — the same credentials they use to manage client accounts within Office 365 — is “next-level.”

“If these hackers can access the Office 365 accounts of PCM’s customers, they can unlock a lot of personal data and sensitive business documents,” Prigge explained. “Think about it — if a hacker has access to your Office 365 account, they can reset your password and lock you out. What’s worse, they may use that same email address as their username for other online accounts.”

Kevin Gosschalk, chief executive officer of fraud prevention technology provider Arkose Labs Inc., said it’s especially dangerous that hackers got access to email and file-sharing systems.

 

“The lasting impact of this breach — like every data breach involving exposed PII and credentials — is not yet fully realized,” Gosschalk said. “Each breach empowers fraudsters with more ammunition to attack businesses in a highly targeted manner and the large amount of exposed credentials on the dark web is responsible for the steady rise in account takeover attacks. Companies must make it a priority to secure their attack surface so hackers cannot extract economic reward from their company, and sensitive data is protected.”

Photo: Raysonho/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU