another example of the Credit Card industry's deceptive advertising targeting children
cartoon of the month

Friday, June 24, 2005

BPO frauds and India's IT Minister sleeps.

Indian BPOs stung where it hurts most
Prerna K. Mishra, Siddharth Zarabi and Vijay Dutt
New Delhi/London, June 23, 2005

In a claim that may re-ignite passions against outsourcing work to India, mass-selling British tabloid The Sun has created a sensation by reporting that it managed to purchase bank details of 1,000 Britons for just £3 each from one Karan Bahree, 24, in Delhi.

The paper said its reporter had obtained addresses, passwords, phone numbers and details of credit cards, passports and driving licences which could be used to raid the accounts of unsuspecting victims.

It said the institutions targeted included many of Britain's top banks such as NatWest, HSBC, Barclays, and Lloyds TSB. Bahree said he had obtained the information from contacts working at call centres and boasted he could provide 200,000 account details a month -- including those of US citizens.

In separate statements, HSBC, Barclays, and Lloyds TSB said the security of data was a top priority and they were taking the allegations seriously.

Not the first

This is the second blow for the Indian call-centre industry, which employs over 3.5 lakh people spread across nearly 600 international call-centre locations. In April, the Pune police had arrested 16 Mphasis employees for a $350,000 online credit-card fraud in which Citibank customers were allegedly enticed to part with their personal identification numbers.

It is perhaps why the Sun's rather hysterical headline, "Your Life for Sale", evoked a wide range of responses in the UK and India.

UK response

For starters, London police said they were investigating the newspaper claim. Detective chief inspector Oliver Shaw said the allegations were serious, but added: "We would like to warn the Sun readers, instances of this kind are still relatively rare." A London police spokeswoman said, "The breadth of what we are going to be investigating is not clear yet."

Barclays spokeswoman, however, clarified: "We would be surprised if we were involved as no personal data is held in India."

An executive at one of the banks whose client details are claimed to have been broken into, told HT in London that the report was "sketchy" about how the security arrangements in place were breached. She admitted that such an incident could happen anywhere, "Glasgow, Wales" or any other place.

Ian Mullen, the British Banking Association's chief executive, said they were concerned but added staff in India were checked as rigorously as workers elsewhere. "The quality of staff in these call centres is very high," he told BBC Radio.

Indian response

In New Delhi, Minister for Communications and IT Dayanidhi Maran dismissed the incident as a "freak" occurrence. "Please remember that incidents like this have happened all over the Western world," he said. "We do not believe that it is a matter for us (the government) to get into, as it relates to private parties."

Nasscom president Kiran Karnik acknowledged that this was a terrible thing to happen. He, however, added: "The problem is not unique to any single nation -- it is one that affects us all."

Cyber-crime lawyer Pavan Duggal said a case, if filed, will fall under the dual jurisdiction of India and Britain.

Sex and Indian BPO data security risks exposed again

Cash for a villain ... crooked Karan Bahree with Sun undercover reporter

Your life for sale

By OLIVER HARVEY
and SUN ONLINE REPORTER

CROOKED call centre workers in India are flogging details of Britons’ bank accounts, a Sun probe has found.

Our undercover reporter Oliver Harvey was sold the top secret information on a thousand accounts, and numbers of passports and credit cards.

And today City of London police launched an investigation after receiving a dossier of information from The Sun giving details of the banks whose security may have been compromised.

A number of high street banks including Barclays, the Woolwich, HSBC and Lloyds TSB, said they were working with police.

Harvey, who paid a total of 5,000 US dollars (£2,750) for the information and was asked for another £275 to be sent later, was told details usually cost £4.25 but he was getting a special deal.

Karan Bahree, who said he got the details from a network of call centre workers in Delhi, also boasted that he could get up to 2,000 account details a month.

The information received included account holders’ addresses, secret passwords, credit card details, passports and driving licence information.

In some cases there were also the issue and expiry dates of bank cards, as well as the three digit security number from the back of the card.

A spokeswoman for the City of London Police said: "All the financial institutions identified have been fully informed of the situation.

"An investigation is now under way. Therefore it would be inappropriate for us to provide further details at this stage."

The spokeswoman said The Sun handed police the names of banks that might have been compromised following an investigation into the security of financial information held at foreign call centres.

"At this stage we are not fully aware of the breadth of what we are going to be investigating.

"We have been handed information and it is being reviewed."