Indian offshorers feel the data theft heat

The call centre customer data theft exposed by The Sun newspaper this week has put the Indian offshore outsourcing business under intense scrutiny.

The call centre customer data theft exposed by the Sun newspaper this week has put the Indian offshore outsourcing business under intense scrutiny.

In return for small amounts of cash, a Sun reporter was offered thousands of customer account details.

It is the third data security threat Indian outsourcers have had to deal with this year. US customers of CitiBank recently found their bank accounts had been plundered of around $350,000 (£190,000) after corrupt call centre workers contacted them to glean personal security details on their accounts.

It is believed that customers were contacted by the fraudsters from personal phones outside the call centre they were employed at. Arrests have been made in connection with the case and a trial is pending.

In addition, leading Indian outsourcers have been targeted by supporters of separatist fighters in Kashmir, who have made a number of bomb threats against big outsourcing companies, who are seen as an important economic target in the separatists' campaign to change Indian government policy on Kashmir.

Such bomb threats have led to a number of evacuations from buildings and have brought data processing to a temporary halt in some cases.

The Sun story brought a swift reaction from outsourcing trade body Nasscom (National Association of Software and Service Companies), concerned the case would fuel negative customer feelings about offshoring.

A Nasscom spokesman said, “Nasscom and its member companies are strong upholders of data privacy and have been continuously strengthening both the legal and enforcement framework for data protection.

“Nasscom will work with the legal authorities in the UK and India to ensure that those responsible for any criminal breaches are promptly prosecuted and face the maximum penalty.”

Nasscom said its member companies were committed to working with the Indian government to amend legislation to make life even more difficult for criminals, training and supporting Indian law enforcement agencies to ensure that they were well equipped to tackle cyber crime, and establishing a register of IT professionals to ensure only suitable staff were employed in the industry.

UK police are now involved in the investigation that has followed the Sun exposé, although it is not clear what jurisdiction they have over a crime committed in India.

Read more on IT risk management