Trend Micro on Tuesday disclosed an insider threat incident that involved an employee selling the personal information of roughly 100,000 customers to tech support scammers.
Trend Micro learned in early August that some customers of its home security product had been getting scam calls from individuals claiming to represent Trend Micro support. An investigation was launched immediately and, in late October, the company concluded that an insider was involved.
“Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” Trend Micro said.
According to the cybersecurity firm, an employee improperly accessed a customer support database containing names, email addresses, support ticket numbers and, in some cases, phone numbers. The company says there is no evidence that any other type of information, such as financial details or data on enterprise customers, has been compromised.
Trend Micro determined that the employee sold the information to an unknown “malicious actor,” which used it to make scam calls pretending to be Trend Micro support personnel.
The employee in question has been terminated and there is an ongoing law enforcement investigation into this incident.
Trend Micro has determined that less than 1% of the 12 million customers using its consumer solutions are affected and they should have already received a notification from the company. It appears the scammers targeted only English-speaking customers.
“If you have purchased our consumer product, you should know that Trend Micro will never call you unexpectedly. If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details below,” Trend Micro told customers.
Related: Insider Threat: Common Myths and Misconceptions
Related: Ex-Senate Employee Pleads Guilty to Theft of Personal Data
Related: Former Employee Hacks Popular WordPress Plugin’s Website

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
Latest News
- Google Temporarily Offering $180,000 for Full Chain Chrome Exploit
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Amazon Settles Ring Customer Spying Complaint
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Adobe Inviting Researchers to Private Bug Bounty Program
