March 23, 2012, 11:37 AM — Hackers and hacktivists may be responsible for more data breaches than insiders, cybercrimes may be getting easier to commit –according to the FBI, at least – and the Internet may have become such a bad neighborhood that it requires not one, but two oppressively harsh, unrealistically broad bills in Congress to combat it.
That doesn't mean light fingers have no place in the world of crime anymore; even crime involving identity and data theft.
According to a story in the U.K.'s Daily Mail, workers at several call centers in India have been making money on the side by recording as many as 45 separate points of data on half a million British customers and selling them for as little as two pence per record.
The information includes names, debit and credit-card numbers (along with expiration dates and CCV/CVV codes), medical and financial records.
Reporters from the Sunday Times uncovered the scheme by going undercover as buyers. Two men calling themselves "IT consultants" claimed to have been selling the information for so long they could tell which banks issued a credit card simply by looking at the number.
Their sources, they said, were call-center workers who were paid to "exfiltrate" data from their offices, most of which served as outsourced customer- or technical-support centers for, in this case, British businesses.
The story gave no indication the corruption included U.S. businesses as well as those in the U.K., but there is no reason to believe only British companies would be targeted.
Both U.S. and British businesses frequently hire call-centers and other technical-services companies in India to handle human-labor-intensive work that would be more expensive if it were done at home due to higher relative salaries and overhead costs in Western countries.