Attackers Use Information Gathered in PCM Inc. Breach to Conduct Gift Card Fraud

PCM Inc., a major US-based cloud solution provider whose clients include state and federal governments, suffered a network intrusion that allowed hackers to access clients’ email and file sharing systems. Although attribution cannot be confirmed, intelligence analysts concur that the threat actor is likely the same group that compromised Wipro earlier this year. According to KrebsOnSecurity, the attacker intends to confiscate client information and credentials in order to conduct gift card fraud at various retailers and financial institutions. Immediately upon notification of the cyber intrusion, PCM Inc. initiated an investigation, stating that impact was limited and the matter had been remediated. The NJCCIC recommends users ensure their anti-virus/anti-malware, hardware, and software are up-to-date, and enable multi-factor authentication where available. Educating others about this and similar threats can limit victimization. Users may refer to the RiskIQ report for further analysis and technical details. Users may report identity theft cases to the FTC at IdentityTheft[.]gov and incidents to the NJCCIC via the cyber incident report form.