Hackers steal Office 365 credentials from tech solutions provider PCM
Technology solutions provider PCM Inc. has been hacked, with credentials and data relating to clients stolen.
Detailed by Krebs on Security, the hack is said to have been detected in mid-May, with those behind the attack able to gain access to clients’ email and file-sharing services. While better known for its direct marketing of hardware, PCM is also a reseller of cloud services, and the latter is the target of those behind the hack.
According to the report, the hackers stole administrative credentials that PCM uses to manage client accounts within Office 365. The intruders are said to have been primarily interested in stealing information that could be used to conduct gift card fraud at various retailers and financial institutions.
PCM confirmed the hack, calling it a “cyber incident that impacted certain of its systems” that affected a limited number of systems and had since been remediated. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers,” the company said.
Robert Prigge, president of identity verification firm Jumio Corp., told SiliconANGLE that having personal email hacked is one thing, but having the administrative credentials stolen from PCM — the same credentials they use to manage client accounts within Office 365 — is “next-level.”
“If these hackers can access the Office 365 accounts of PCM’s customers, they can unlock a lot of personal data and sensitive business documents,” Prigge explained. “Think about it — if a hacker has access to your Office 365 account, they can reset your password and lock you out. What’s worse, they may use that same email address as their username for other online accounts.”
Kevin Gosschalk, chief executive officer of fraud prevention technology provider Arkose Labs Inc., said it’s especially dangerous that hackers got access to email and file-sharing systems.
“The lasting impact of this breach — like every data breach involving exposed PII and credentials — is not yet fully realized,” Gosschalk said. “Each breach empowers fraudsters with more ammunition to attack businesses in a highly targeted manner and the large amount of exposed credentials on the dark web is responsible for the steady rise in account takeover attacks. Companies must make it a priority to secure their attack surface so hackers cannot extract economic reward from their company, and sensitive data is protected.”