IDG News Service - Symantec Corp. said today that the credit card data of three of its U.K. customers may have been leaked to undercover reporters via a worker at the software vendor's call center contractor in India.
A spokesman for Symantec India said that the company has narrowed its focus on an employee of contractor e4e Inc. as a possible suspect, and has turned over information that includes recorded phone calls to Indian police for use in their investigation.
However, the head of e4e's Indian subsidiary denied that there has been any data thefts at the Bangalore-based unit.
Reporters from BBC claimed last week that they had posed as fraudsters and bought the names, addresses and credit card account details of U.K. residents from a man who they said lived in Delhi, India.
Three of the people whose data was obtained by the reporters had bought software from Symantec in telephone transactions, the BBC said in its report.
Symantec stopped routing sales inquiries and other calls to e4e as soon as the matter came to its attention, according to the software vendor's spokesman.
The company was planning to discontinue its relationship with e4e by the end of this month for commercial reasons, but it decided to expedite the transition in view of the suspicion of data theft at the call center, the spokesman said. He added that Symantec didn't have any previous security problems with the call center operator.
But e4e said that there was no evidence whatsoever linking its operations to the data leakage reported by the BBC. Narasingarao Dataram, president of e4e India, said his company is just one of many call center operators in India to which Symantec has been outsourcing customer service work.
On hearing of the BBC report that data from Symantec customers may have been compromised, e4e did an internal check and also alerted India's cybercrime police, Dataram said. But, he added, that was done only out of due diligence and not because e4e officials thought that the data had been leaked from the company.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
