Kerberos failed to verify the signature on the Privilege Attribute Certificate (PAC) field in the Kerberos ticket from the Key Distribution Center (KDC). This indicates that the PAC field was modified.
This is significant because the PAC field is used to store the user’s token. It is possible that someone is attempting to break into your system.
In rare circumstances, it is possible that a memory problem on a router corrupted the packet during transmission.
Verify that the ticket-granting service (TGS) reply packet originated from the KDC. If it did not, investigate a possible attempt to break in to your system.
If the packet did originate from the KDC, reset the machine account password for the KDC.
For more information, see:
Microsoft Help and Support for Microsoft Windows Server 2008 and above
Microsoft Knowledge Base