Trend Micro employee sold customers’ data to scammers

Trend Micro reported an unpleasant incident that occurred this summer: company’s employee was selling user data to scammers.

“We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product. We immediately started investigating the situation and found that this was the result of a malicious insider threat. The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent”, — confessed in Trend Micro.

It all started in August 2019: users are increasingly receiving suspicious phone calls from people who appear to be Trend Micro support staff.

It soon became clear that scammers are not only good at using social engineering, but they do have detailed customer information, that is, they call well prepared. After that, Trend Micro began an investigation of what was happening.

“If you have purchased our consumer product, you should know that Trend Micro will never call you unexpectedly. If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details”, — report in the company.

The investigation ended at the end of October and revealed that for the incident is responsible an insider – an unnamed Trend Micro employee who intentionally obtained unauthorized access to user data and then sold this information to yet unknown scammers.

Read also: Chrome and Firefox developers save users from intrusive messages

As a result, the criminals had at their disposal the names of customers, email addresses, numbers of applications submitted to the support service, and in some cases phone numbers. The aforementioned attacks mainly affected the English-speaking customers of the company.

Representatives of Trend Micro emphasize that the leak did not affect the payment data of users, and information about corporate and government customers of the company was not stolen.