Cybersecurity firm Trend Micro revealed that a rogue employee sold its customer data to hackers, exposing those customers to potential fraud. According to the company’s announcement, thousands of customers had been exposed, as the rogue sold names and phone numbers that resided in the company’s customer support database.
Things became suspicious, Trend Micro explained, when its customers started getting phone calls from people claiming to be employees of Trend Micro. It is now in the process of notifying potentially exposed customers about the risks.
Roughly 70,000 people need to be notified about the data breach.
The fake calls started in August, and Trend Micro was soon notified. After a brief investigation, it discovered that there had not been an outside breach, which made them shift their attention towards the inside. Soon after it discovered a "malicious insider threat".
"The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent," the company said in a blog post. "Our investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor."
The employee has since been fired, and the police are involved.
"If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our official contact details below," the company said.