Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Security / Data Leaks

Data Leaks

BBC Buys Compromised Credit Card Details from India

Some of them originated in a call center outsourced by Symantec

By Lucian Constantin, Web News Editor

23rd of March 2009, 11:20 GMT

Adjust text size:


Credit card details leaked from Indian call centers
Enlarge picture
BBC reporters have bought valid stolen credit card details from a man in New Delhi, India. The cards are thought to have been leaked from Indian call centers, including one handling Symantec software license renewals.

Acting on a tip, a team of undercover BBC reporters flew to India to meet Saurabh Sachar, a man willing to sell details of credit and debit cards belonging to UK citizens. The broker offered to provide hundreds of credit card details for a price of $10 a piece.

The reporters agreed to acquire information on 50 cards and 14 were supplied to them on the spot. The rest were sent later via e-mail. The Delhi-man specified that the details had been obtained from call centers handling payments for international companies.

According to the BBC, the details of one in seven cards that they had received were completely valid. The rest also had valid names, addresses and post codes, but the credit card numbers were off by one digit.

When notifying the card owners that their information had been compromised, the reporters learned that three of them made a purchase from Symantec and supplied the details over the phone. These purchases had been made only hours before the reporters bought the cards in India.

A Symantec representative noted that the company launched an investigation into the incident and that it was offering free credit monitoring services to the affected customers. He also said that the call center had been identified and that this was most likely an isolated incident. The IT security vendor is considering ending the business relationship with the center.

"As we continue our investigation, we will promptly notify any additional customers impacted by the situation and will take appropriate action to protect the interests of our customers," a statement reads. The authorities in India have been alerted and are also investigating the case.

Meanwhile, the man who sold the credit card details to the BBC reporters is denying everything. He claims that the reporters owed him money and that the document filmed on tape was a balance sheet. He has also denied supplying any information via e-mail.

Outsourcing might save companies money, but it also poses a great security risk for customers. This is because countries that are heavily used for outsourcing do not have data protection laws nearly as strong as the U.K. or the U.S. In fact, according to a local lawyer, India does not have any legislation dedicated to data protection.

TAGS:

 call center | BBC investigation | credit card fraud | information selling | Symantec outsourcing
Read by 1,375 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
NOT RATED 0 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Security Experts Claim That BBC Broke the Law

Symantec Denies SQL Injection – Hacker Disagrees

Symantec and HP Lose Employees' Personal Information

Heartland and RBS WorldPay No Longer PCI Compliant

New Payment Processor Data Breach on the Horizon

India's Ministry of External Affairs Suffers Security Breach

RBS WorldPay Security Breach Earns Fraudsters $9 Million

Sensitive Data Leak Frenzy Hits Germany

User opinions:


Comment #1 by: Techtalk on 24 Mar 2009, 08:05 GMT reply to this comment

We cannot expect much in the absence of legislative framework in this regard. The government of India and DSCI has to pro actively do something in this regard. India’s cyber law, with further confusion about its status, is also detrimental for BPO growth. Cyber Security in India is missing and the same requires rejuvenation. When even PMO's cyber security is compromised for many months we must at least now wake up. If DSCI is really serious about data protection in India first it must acquire expertise to do so. The best option is to scrap the IT Act Amendment Bill, 2008 and come up with good cyber law as well as data protection law in India.

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive