India’s National Association of Software and Service Companies (NASSCOM) has offered to work with authorities in the U.K. and India to investigate reports of the illegal sale of data of British bank account holders by a Delhi-based seller, the group said in a statement Thursday.
The Sun, a tabloid in London, reported Thursday that one of its reporters, working undercover, was sold top secret information on 1,000 bank accounts. The seller said he had picked up the data from contacts at call centres in Delhi, according to the newspaper.
The information received included account holders’ addresses, secret passwords, credit card details, passport information and drivers licence information, according to The Sun.
The data pertained to accounts held in British banks who have outsourced work to call centre companies in and around Delhi, the tabloid said. The seller, identified by The Sun as Kkaran Bahree, is said to have told the reporter that he could provide 200,000 more account details per month.
The seller, however, denied the allegations in an interview to BBC World Service radio.
A dossier with the information, including the names of the banks whose security could have been compromised, was handed over to the City of London Police which is investigating, according to The Sun.
But a spokeswoman for the City of London Police said they did not have jurisdiction to bring prosecution in the U.K. “We have passed information through Interpol to the Indian authorities, and we are working with them to secure prosecution of this individual,” she added.
The report by The Sun comes at a time when the Indian outsourcing industry has launched a number of campaigns to convince its customers that outsourcing to India is safe, and that Indian outsourcers have adequate safeguards to protect data from customers abroad. NASSCOM in Delhi announced recently that it is setting up a registry of IT and call centre professionals to ensure that only suitable staff are employed in the industry.
In April, police in Pune in western India arrested former employees of a call centre operation in the city on charges of defrauding four New York account holders of Citibank NA. The three former employees of Mphasis BPO, the business process outsourcing operation of Mphasis BFL Group, a software and services company in Bangalore, were charged with collecting and misusing account information, including personal identification numbers (PINs), from the four Citibank account holders.
NASSCOM has pointed out that data theft is not particular to India. “That it attracts so much of publicity is in itself an indicator that it is something very rare in India,” said Kiran Karnik, president of NASSCOM earlier this month.
Every nation has a responsibility to take on the criminals, NASSCOM said in its statement Thursday. India, with its strong legal system and independent judiciary, takes this responsibility seriously, NASSCOM added.