Trend Micro on Tuesday disclosed an insider threat incident that involved an employee selling the personal information of roughly 100,000 customers to tech support scammers.
Trend Micro learned in early August that some customers of its home security product had been getting scam calls from individuals claiming to represent Trend Micro support. An investigation was launched immediately and, in late October, the company concluded that an insider was involved.
“Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” Trend Micro said.
According to the cybersecurity firm, an employee improperly accessed a customer support database containing names, email addresses, support ticket numbers and, in some cases, phone numbers. The company says there is no evidence that any other type of information, such as financial details or data on enterprise customers, has been compromised.
Trend Micro determined that the employee sold the information to an unknown “malicious actor,” which used it to make scam calls pretending to be Trend Micro support personnel.
The employee in question has been terminated and there is an ongoing law enforcement investigation into this incident.
Trend Micro has determined that less than 1% of the 12 million customers using its consumer solutions are affected and they should have already received a notification from the company. It appears the scammers targeted only English-speaking customers.
“If you have purchased our consumer product, you should know that Trend Micro will never call you unexpectedly. If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details below,” Trend Micro told customers.
Related: Insider Threat: Common Myths and Misconceptions
Related: Ex-Senate Employee Pleads Guilty to Theft of Personal Data
Related: Former Employee Hacks Popular WordPress Plugin’s Website
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- NIST Publishes Final Version of 800-82r3 OT Security Guide
- Johnson Controls Hit by Ransomware
- Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
- Government Shutdown Could Bench 80% of CISA Staff
- Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
- macOS 14 Sonoma Patches 60 Vulnerabilities
- New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
