Cyber Security firm disclosed a security breach by one of their employees who accessed customers’ data with criminal intent. The data reportedly affected sixty-eight thousand customers. Trend Micro is a security firm that offers anti-virus tools and cybersecurity to businesses, organizations and home consumers worldwide.
Trend Micro learned of the incident early August the moment it realized some of their clientele were receiving calls from scammers purporting to be Trend Micro’s support employee. In initial reports, the company believed it to be a coordinated attack.
The company launched an intensive two months of investigation into the case. Their findings were that it was not an external hack to their systems but rather an inside job where a rogue employee gained access to Trend Micro customer database.
Security experts speculate that such a database is appealing for many, i.e., scammers or even competitors alike. Such data could enable hackers to run high target attacks, with some research the scammers can be able to penetrate Trend Micro customers and move to launch ransom wares and business email attacks.
The data is suspected of having been sold either to a competitor or a support services scam team. Although this has not been proven yet, once such type of data is out most times, it ends up being acquired by organized crime syndicates.
Details contained in the database
According to Trend Micro, the employee who turned rogue did not steal any credit card or financial information. It was confirmed that None of Trend Micro’s business or government clients had been affected by the breach.
The stolen database contained data like
- Customer Names
- Email Addresses
- Support Ticket Numbers for Trend Micro
- Phone Numbers
The rogue employee is said to have sold information gained improperly to some unknown third-party who went ahead to call the clients pretending to be Trend Micro’s employees. Although the identity of the employee has not been disclosed yet, Trend Micro has fired the culprit, disabled their user accounts, and reported to law enforcement agency about the incident. Trend Micro spokesperson indicated that since the investigation is still ongoing, therefore they are not at liberty to discuss specifics with regards to the third-party data purchaser. At the moment, all they can call them is a currently-unknown third.
The Company has gone further to warn its clients to be alert of fake calls emanating from Trend Micro support. In their procedures, customer support never calls their clients unexpectedly. They stated that in case of doubt, hang up and report to Trend Micro Support through their official contacts.
Cyber-expert and writer Graham told BBC News that it is every security firm nightmare to have such an occurrence. Just like Trend Micro, one can have tight security preventing external attacks, but the same does not protect against internal staff taking data to use in malicious ways.
Source of awareness
The users of the home security software made Trend Micro aware of a security breach since they were receiving scam phone calls. This prompted the investigations as Trend Micro initially thought they had been attacked from externally.
It was stated that the scammers knew so much regarding their targets that Trend Micro suspected their support database had been compromised.
This insider threat is Trend Micro’s 2019 public cybersecurity issue. Just last year, the company had to make apologies after discoveries were made on some Trend Micro antivirus were capturing data from Mac Browsers and taking it to remote servers.
At the time, some Trend Micro Apps were removed from Apple’s App Store.
The risk of leaked customers information
Clients whose information was leaked from the Trend Micro’s database breach are at risk of phishing and criminal scams pretending to be support staff. Clients are bound to receive false tech support and billing calls as a set up for them to give up more sensitive information like passwords, remote access to devices, and credit card numbers.
Customers are also at risk of receiving texts from Trend Micro imposters containing links to phishing sites. Thus clients are alerted to be careful.
Insider security breach remains a big menace to companies, according to breach investigations reports misuse and insider errors to account for up to 30 percent of breaches this year alone.
Trend Micro is not the only company to suffer an internal data breach; other companies who have been plagued with similar cases are Snap, Facebook and Twitter, just to mention a few.