Language Selection

English French German Italian Portuguese Spanish

Bank details sold in call centre scam

Filed under
Security

City of London police are investigating claims that an Indian call centre worker sold personal information on 1,000 UK bank accounts for £4.25 each.

The worker told an undercover journalist from The Sun that he could copy more than 200,000 customer accounts a month, containing passwords, addresses, phone numbers and passport details.
More than one bank was thought to be involved in the operation, but the details have been handed to the police.

"It is shocking to see that one individual could get their hands on such complete, confidential information," said Donal Casey, a consultant at IT services company Diagonal Security.

"Quite simply this should not be possible. Banks have multiple layers of security and should be tracking and auditing who, within their organisation and the outsourcer's, has access to and is using confidential customer data."

Many UK firms have moved their call centres offshore in a bid to save money, including most banks, building societies and the National Rail Service. Staff in India cost around 80p per hour compared to £6 in the UK.

The Sun named the seller as Kkaran Bahree and said that he claimed to be able to pass on details of mortgages, medical bills and mobile phones.

He told the journalist that he had a thriving business selling such information to Britain and India, and made contact with buyers via the internet.

"Indian workers are no less ethical than UK workers," said Martyn Hart, chairman of the National Outsourcing Association.
"Companies often assume that, once a process is offshored, minimal management is needed, but this is not the case.

"Because of the distance, increased management is required. This ensures that company procedures are adhered to in every location, not only in Indian locations."

Source.

More in Tux Machines

Linux/FOSS Events

  • The Linux Foundation Announces Session Lineup for ApacheCon(TM) Europe
  • OpenShift Commons Gathering event preview
    We're just two months out from the OpenShift Commons Gathering coming up on November 7, 2016 in Seattle, Washington, co-located with KubeCon and CloudNativeCon. OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. Origin adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. And we're excited to say, the 1.3 GA release of OpenShift Origin, which includes Kubernetes 1.3, is out the door! Hear more about the release from Lead Architect for OpenShift Origin, Clayton Coleman.

Security News

  • Report: Linux security must be upgraded to protect future tech
    The summit was used to expose a number of flaws in Linux's design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it's also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.
  • security things in Linux v4.6
    Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited“) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.

Raspberry Pi PIXEL and More Improvements

Trainline creates open source platform to help developers deploy apps and environments in AWS