GSA UK - NOA Comments on Call Centre Sting

Founding Member of FormIGA – the global Industry for Good Alliance

Home
RESOURCES
Industry News
NOA Comments on Call Centre Sting

NOA Comments on Call Centre Sting

3 Aug 2011 12:00 AM | Anonymous

Indian call centre staff are selling UK broadband user's financial data, including credit cards and security codes, for as little as 25 pence per user for bulk purchases.

An investigation by The Sun found a former call centre worker who sold the bank account details, personal data such as job description and credit card numbers with the three-digit CVV security code of 1,000 users for £250

Martyn Hart, Chairman of the National Outsourcing Association, said: “Sadly, this is a recurrent problem – but is just as likely to happen in Bolton as Bangalore, if the processes are not right.

“In the current economic climate in India, people leave their job for a few rupees more elsewhere. Staff churn has reached such high levels that some companies are so desperate to get bums on seats and answering the phones that standards appear to have slipped. We believe the companies mentioned run and manage their own operations offshore, rather than outsource to Indian service providers.

“Security in outsourced operations is mission critical; their continued success relies upon a solid reputation. No company would want to work with them if they were known to leak data. Outsourcers simply have more to lose than companies managing call centres themselves. This means they have more robust processes, both in terms of staff vetting and technology-based methods.

“It is alarming that Deepak Chuphal acquired a huge list of comprehensive customer data. Financial information should be protected by business processes that do not allow a staff member access to full sensitive data at one time. No-one person should have access to the full name, address, bank name, sort code and account number etc. all at the same time. Any request for additional information should be logged and audited. This applies to all data centres, whether in India, Europe or anywhere else. This is best practice, as endorsed by the National Outsourcing Association.

“It is not known if Deepak Chuphal has a criminal record, so it is unknown if criminal record checks would have helped prevent this crime (after all, you do not have to be a convicted criminal to have criminal intent) but the National Outsourcing Association calls for ever greater diligence when it comes to background checking, especially in management and IT roles.