New Private Data Leakage from Indian Call Centre

An Indian call centre worker is accused of selling personal information on 1,000 UK bank accounts for Р€4.25 each.

The details of the case were published by English newspaper The Sun. It reported that Indian criminal could copy more than 200,000 customer accounts a month, containing passwords, addresses, phone numbers and passport details. Potential actions of call centre insider could affect more than one UK bank, so the details have been handed to the police.

Business process outsourcing is an efficient way to save money. Many UK firms have moved their call centers offshore, including most banks, building societies and the National Rail Service. Staff in India cost around 80 penny per hour compared to Р€6 in the UK. However low IT-security measures and databases with private information create many opportunities for insiders to steal customers' money or sell clients' details.

That's why London police immediately initiated the investigation of the case and asked Interpol for the help. The Sun named the seller as Kkaran Bahree and said that he claimed to be able to pass on details of mortgages, medical bills and mobile phones. He told the journalist that he had a thriving business selling such information to Britain and India, and made contact with buyers via the internet.

Police has already known that Karan Bahree is an employee at Infinity eSearch, a web designing company in Gurgaon (a New Delhi suburb) that has become a hub of outsourcing companies. Karan Bahree deny any wrongdoing. He says that he is innocent and jus has been trying to make a presentation to someone. The company said it had nothing to do with the scandal, and that it had given Bahree, on probation for three months in the company, until Friday evening to formally explain his role. The Sun said the New Delhi-based seller said he had bought the information from contacts who work in the call centers, one of the fastest growing segments of India's economy.

The investigation is ongoing.

This incident is not the first one related to insiders' action in call centers in India. In May 2005 the criminal ring consisted of call centre workers in Pune, India, was arrested for looting $350,000 from the accounts of Citibank's US customers.

Prevention of private data leakages is an actual problem for Russian call and contact centers. Russian and international IT-security experts insist that a lot of Russian clients and solution distributors do not give enough consideration to information security, while the main threat of the security comes from unfair employees.

“Karan Bahree undermined the reputation of India as a BPO-partner. Anyway foreign companies were unhappy with low IT-security measures in India, now “India" has become an informal synonym of the word “fraud". I'm sure that Indian government will try to break the situation, for instance, by adopting minimal IT-security requirements for BPO-companies. In addition, Indian business itself is interested in providing secure services, so it can use special software to prevent private data leakages", — commented Denis Zenkin, the Marketing Director of InfoWatch company.

Sources: vnunet.com, MSNBC News

.
l.12-.057c.834-.407 1.663-.812 2.53-1.211a42.414 42.414 0 0 1 3.345-1.374c2.478-.867 5.078-1.427 7.788-1.427 2.715 0 5.318.56 7.786 1.427z" transform="translate(-128 -243)"/>