Indian call centres sold health records, credit cards

By

Call centre agent meets reporters with a laptop full of data.

Indian call centre staff have sold credit-card details and patient records to third parties according to reports.


An investigation by the The Sunday Times found "corrupt Indian call centre workers" sold confidential personal data of more than 500,000 Britons to cyber criminals and marketing firms.

Two alleged call centre information technology staff met undercover reporters and boasted of having 45 different sets of personal information.

The data included names, addresses and phone numbers of credit-card holders, and the cards' start and expiry dates and three-digit security verification codes. Other information being sold on related to mortgages, loans, insurance and mobile phone contracts.

The Daily Mail claimed that the information is being sold for cents and one of the consultants met the undercover reporters in a hotel room in a town near Delhi, carrying a laptop full of data.

“What's most alarming about this case is how easy it seems for call centre staff to misuse confidential information.," Marc Lee, EMEA sales director at Courion, said. 

"In this case the selling of sensitive data could have been prevented or detected at an early stage had the call centres' IT staff had effective systems in place to control and monitor user access to confidential information. Such access risk management systems should be able to control who is accessing customer data, how it is being used, where and when."

“Another effective measure to prevent insider threats would be to implement specific restrictions for copying confidential data onto USBs or other external devices, or disabling access to such information from specific locations or at certain times.”

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Top US diplomat impersonated with AI by unknown actor

Top US diplomat impersonated with AI by unknown actor

Log In

  |  Forgot your password?