INSUBCONTINENT EXCLUSIVE:
Image copyrightGetty ImagesCyber-security company Trend Micro says the personal data of thousands of its customers has been exposed by a
rogue member of staff.The company says an employee sold information from its customer-support database, including names and phone numbers,
to a third party.It became suspicious after customers started receiving phone calls from scammers posing as Trend Micro staff.The company
says it has contacted those whose details were exposed.Trend Micro said it believed approximately 70,000 of its 12 million customers had
been affected."It's every security firm's nightmare for something like this to occur," cyber-expert and writer Graham Cluley told
TheIndianSubcontinent News."You can have all the security in place to prevent external hackers getting in but that doesn't stop internal
staff from taking data and using it for nefarious purposes," he said."If a cyber-security firm like Trend Micro can fall victim to a
security breach, it can happen to any company."Trend Micro provides cyber-security and anti-virus tools to consumers, businesses and
organisations around the world.In August 2019, it received reports many users of its home security software had been receiving scam phone
calls.The scammers knew so much information about their targets that Trend Micro suspected its customer support database had been
breached.It later found out its systems had not been attacked over the internet and it was instead facing a "malicious insider threat"."The
suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent," the company said in a blog post."Our
investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor."The company said
it was working with police and the employee in question had been fired
It said its customer-support staff would never call people "unexpectedly"."If a support call is to be made, it will be scheduled in advance
If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support using our
official contact details below," the company said.A UK ruling that suggests companies can be held responsible if their own staff leak data
is currently being challenged by supermarket chain Morrison's.In 2014, an internal auditor at the retailer stole the data, including salary
and bank details, of nearly 100,000 staff and posted it online.Andrew Skelton was jailed for eight years in 2015 after being found guilty at
Bradford Crown Court of fraud, securing unauthorised access to computer material and disclosing personal data.However, a group legal action
also found the supermarket responsible for the actions of its staff.The retailer is currently challenging the ruling at the UK's Supreme
