Did you buy or renew software over the phone from Symantec? Check your statements carefully -- your credit card details may have been leaked by a rogue staffer.
Symantec Corporation claims the credit card information of three of its customers in the United Kingdom could have potentially been leaked to reporters working undercover by a worker at the vendor’s India call center location. This follows claims from reporters at the BBC that names, addresses, and credit card account details of UK residents had been purchased from a man residing in Delhi, India.
All three individuals who had their data compromised had purchased software from Symantec via telephone transaction.
A spokesman for Symantec’s India stated that the company has begun focusing its investigation on an employee which works for e4e Inc. a contractor for Symantec. Currently phone calls and other information have been turned over to police in India for further investigation.
Symantec had plans to discontinue the relationship they had with e4e at the end of the month for "commercial reasons", however they also stopped routing sales inquiries and other calls there as soon as the situation was brought to light. Previously Symantec had no security issues with the call center contractor, said spokesperson.
As soon as the BBC reported the data leak, Symantec instantly did an internal check and instantly alerted cybercrime police in India.
e4e claims that they do not feel that their company had anything to do with the data leak which the BBC reported. The company claims that they are among many other call center contractors in India to which Symantec has outsourced work.