Trend Micro employee sold its customer data to scammers exposing roughly 70,000 users to the data breach.
Does this incident indicate that the data are not safe within the company employees?
Trend Micro is a multinational cybersecurity and defence company with global headquarters in Tokyo, Japan. It’s cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure and Google Cloud Platform.
Trend Micro became suspicious of the incident in August 2019, after customers started receiving phone calls from scammers posing as Trend Micro staff.
“Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” Trend Micro said.
The investigation revealed that the employee with ‘clear criminal intent’ sold the stolen information to an unknown third-party malicious actor. The company immediately took action by disabling the unauthorised account access and terminating the employee. Currently, the company is working with law enforcement on an ongoing investigation.
The stolen database include Trend Micro consumer customer’s names, phone numbers, email addresses, Trend Micro support ticket numbers.
The company assured that there are no indications that any other information such as financial or credit payment information was involved,or that any data from the business or government customers were improperly accessed.
The company says it has contacted those whose details were exposed.
Trend Micro revealed that the incident affected less than 1% of the Trend Micro’s 12 million consumer customers. The company confirmed that only English-speaking users were impacted.
“If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details below,” the company said.
You may be interested in reading: Click2Mail Suffers Data Breach