Trend Micro, a world-renowned security company, recently released an important security bulletin in which the company acknowledged that internal employees had unauthorized access to some of its customer data.
Since August, Trend Micro has received feedback from customers that there are fraudulent gangs posing as Trend Micro technical support agents asking users to pay for security issues. The fraudulent gang’s targeted phone scams made Trend Micro realize that this was not a random phone scam, and it was very likely to be a threat from within the company. Because the fraud gang details the user information such as the name and product used on the phone, it is clear that random fraud is unlikely to have accurate user information. In October, Trend Micro finally confirmed that this was a threat from within the company, and unauthorized employees illegally accessed the customer support database to steal relevant information.
Trend Micro said that internal employees use fraudulent means to illegally access the customer support database, which includes the user’s name, product, mail, and phone number. There are no signs or other information indicating that the stolen information involves financial or credit card data, and Trend Micro’s corporate and government customer data is not illegally accessed. This scam affects 1% of Trend Micro’s 12 million users and only affects customers who use English. According to this calculation, the number of affected users is around 120,000.
Trend Micro said the company will never actively contact consumers by phone. If users receive a support hotline claiming to be Trend Micro, they should hang up immediately. At present, the company has already investigated the security incident and cooperated with law enforcement agencies.