Cyber-security giant Trend Micro has been forced to admit that a rogue member of staff has stolen the personal data of thousands of its customers, including names and phone numbers, and flogged their the details to a third party.
The company, which provides cyber-security and anti-virus tools to consumers, businesses and organisations around the world, said its suspicions were aroused after customers started receiving phone calls from scammers posing as Trend Micro staff.
The scammers knew so much information about their targets that Trend Micro suspected its customer support database had been breached. Following an internal investigation, the firm discovered its systems had breached by a “malicious insider”.
In a blogpost, the company said: “The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent. Our investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor.”
The company said it was working with police and the employee in question had been fired.
It added: “If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details.”
Trend Micro claimed that fewer than 1% of its 12 million customers had been affected, although that still equates up to 120,000 people.
The case comes as Morrisons has started its appeal against a ruling that it was “vicariously liable” for a 2014 data breach, in which a rogue staffer leaked the details of nearly 100,000 employees.
Morrisons is trying to prevent current and former staff claiming compensation.
Morrisons in last ditch bid to stop data breach pay-out
Data breaches, not rogues, are ICO Public Enemy No. 1
Equifax faces £100m data breach pay-out claim in UK
Here we go again: Google back in dock for data tracking
Google summoned to High Court to defend data tracking
BA case may open floodgates for psychological claims
Data breaches can hit mental health, legal firm claims
Ambulance chasing lawyers bolster attack against BA