U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US-based Cloud Solution Provider PCM Inc. hacked

Hackers breached the infrastructure of PCM Inc., one of the major U.S.-based cloud solution provider, and accessed to email and file sharing systems for some of its clients. Hackers breached the infrastructure of PCM Inc., one of the major U.S.-based cloud solution provider. According to the popular investigator Brian Krebs, the attackers gained access to […]

PCM INC

Hackers breached the infrastructure of PCM Inc., one of the major U.S.-based cloud solution provider, and accessed to email and file sharing systems for some of its clients.

Hackers breached the infrastructure of PCM Inc., one of the major U.S.-based cloud solution provider. According to the popular investigator Brian Krebs, the attackers gained access to email and file sharing systems for some of the company clients.

PCM INC

In 2018 PCM generated roughly $2.2 billion in revenue with more than 2,000 customers.

“Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based file and email sharing service run by Microsoft Corp.” reported Krebs.

The attack appears to be financially motivated, attackers appeared primarily interested in stealing data that could be used in gift card fraud scheme.

Krebs speculates that intruders could be the same that hacked the Indian IT outsourcing giant Wipro Ltd. this year. According to RiskIQ, the group that hacked Wipro has been active since at least 2016, it was focused on targeting gift card providers.

It’s unclear whether PCM was attacked separately or is the attacks are linked. The company attempted to downplay the incident declaring that only a small portion of PCM customers was impacted.

“From its investigation, impact to its systems was limited and the matter has been remediated,” PCM told Krebs. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had.”

Recently, PCM announced it is going to acquired by global IT provider Insight Enterprises, let’s see if this incident could influence the final economic evaluation of the acquisition.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – PCM, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]