Symantec investigating customer credit card data theft

By Elinor Mills, CNET News.com
Wednesday, April 01, 2009 11:37 AM

Symantec is looking into allegations that a call center employee in India sold credit card numbers of its customers to BBC News reporters in an undercover investigation.

In a letter to New Hampshire Attorney General Kelly Ayotte dated March 24, the security vendor said it was "investigating a potential security incident involving a small number of customers' credit card information".

Symantec said it was sending a notice to an unnamed customer in New Hampshire who may have been affected by the alleged incident, even though the company does not believe a security breach as defined by New Hampshire statue had occurred.

The company said it has no evidence that credit card information of any U.S. residents was actually compromised, nevertheless it was offering its customers one year of identity protection services through Debix and reviewing its "security processes and third-party vendor protocols".

Symantec spokesman Cris Paden told The Wall Street Journal the company was sending letters to more than 200 customers affected by the theft. Paden did not immediately respond to an e-mail seeking comment late on Tuesday.

The BBC News reported on March 19 that undercover reporters posing as fraudsters had gone to Delhi to buy 50 credit card numbers, at US$10 a card, from a man who claimed to have gotten them from a call center. They filmed the interaction.

The man denied any wrongdoing. Symantec told the BBC that it was an isolated incident and that the "single source" of the leak was no longer working there, according to the report.

When the reporters contacted some of the card owners, three of them said they had bought Norton software from Symantec over the phone using their cards and the purchases were found to have been made within hours of each other and the numbers were sent to the BBC shortly thereafter, the report said.

The BBC recently got flack for purchasing a botnet and using it in some tests to show the dangers Web surfers face.

This article was first published as a blog post on CNET News.

0

0 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Related Whitepapers

Featured Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

Salesforce CEO chatters about new social media platform
Facebook-type app hits the enterprise
Play video
Salesforce demos Service Cloud 2
New Web-based tools for customer service
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video