Entries Tagged "India"

Page 3 of 3

Indian Call Center Sells Personal Information

There was yet another incident where call center staffer was selling personal data. The data consisted of banking details of British customers, and was sold by people at an outsourced call center in India.

I predict a spate of essays warning us of the security risks of offshore outsourcing. That’s stupid; this has almost nothing to do with offshoring. It’s no different than the Lembo case, and that happened in the safe and secure United States.

There are security risks to outsourcing, and there are security risks to offshore outsourcing. But the risk illustrated in this story is the risk of malicious insiders, and that is mostly independent of outsourcing. Lousy wages, lack of ownership, a poor work environment, and so on can all increase the risk of malicious insiders, but that’s true regardless of who owns the call center or in what currency the salary is paid in. Yes, it’s harder to prosecute across national boundaries, but the deterrence here is more contractual than criminal.

The problem here is people, not corporate or national boundaries.

Posted on June 24, 2005 at 9:35 AMView Comments

Insider Attack Against Citibank

Insiders are the biggest threat:

The Pune police have unearthed a major siphoning racket involving former and serving callcentre employees.

They allegedly transferred a total of [15 million rupees (US $350,000)] from a multinational bank into their own accounts, opened under fictitious names. The money was used to splurge on luxuries like cars and mobile phones.

The call center was in India. The victim was Citibank.

Posted on April 11, 2005 at 9:14 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.