Trend Micro disclosed an insider security breach that exposes a set of its consumer customers’ data such as phone numbers, first&Last name, Email address exposed.
The incident was learned by Trend Micro in August 2019, as some of their consumer customers who using home security solutions started receiving spam calls from cybercriminals mimicking as Trend Micro Support.
How the Data Leak Occurs?
The information shared by the cybercriminals over the phone let Trend Micro launch an investigation. the investigation confirms there is no external, but some internal source exfiltrated the data.
Further investigation reveals that “a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” reads Trend Micro report.
An Employee uses fraudulent methods to gain access to the customer support database that contains customer details such as names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers.
There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.
The investigation revealed that the employee sold the information to malicious actors, “We took swift action to contain the situation, including immediately disabling the unauthorized account access and terminating the employee in question, and we are continuing to work with law enforcement on an ongoing investigation.”
The company also confirmed that the company “will never call you unexpectedly. If a support call is to be made, it will be scheduled in advance.”
Insider threats are the cybersecurity threats within the organization, possibly it is an employee or a vendor – even ex-employees.
The insider threats categorized into five different types of Disgruntled employees, Malicious insiders, Inside agents, Regular employees, and Third-party providers and contractors.
According to the 2018 threat report, 53% of the companies have confirmed that insider attacks against their organizations in 12 months and 27% said that insider attacks are more frequent.