Japanese cyber security specialist Trend Micro has admitted a “security incident” that saw a rogue employee sell data of tens of thousands of customers to a third party.
The firm said that the details of 68,000 customers had been compromised in “not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls.”
In August Kaspersky Lab warned in a report that cyber incidents in industrial settings were mostly down to human error.
But the Trend Micro data theft was down to a malicious internal actor.
We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product,” blogged the Japanese firm.
“We immediately started investigating the situation and found that this was the result of a malicious insider threat,” it added. “The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent.”
The employee has been terminated (presumably his employment contract), Trend said.
“Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” wrote Trend. “That said, we hold ourselves to a higher level of accountability and sincerely apologize to all impacted customers for this situation.”
It said it has notified the affected customers (68,000 out of its 12 million worldwide customers).
Trend said that in early August 2019, it became suspicious when some of its consumer customers (mostly English speaking) began receiving scam calls by criminals impersonating Trend Micro support personnel.
“The information that that criminals reportedly possessed in these scam calls led us to suspect a coordinated attack,” said Trend.
It was not until the end of October 2019 that Trend was able to definitively conclude that it was an insider threat.
“A Trend Micro employee used fraudulent means to gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers,” it wrote. “There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.”
This staffer sold the information to “a currently unknown third-party malicious actor.”
Trend said that it would never call a customer unexpectedly, and any support calls are scheduled in advance.
Do you know all about security? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…