BPO office in Mumbai breached confidential data of a New-York based company.

By Abhay Shah, Realty Quarter

Confidential information by a New York-based company assigned to a Bhayandar-based Business Process Outsourcing (BPO) was recently jeopardized. This resulted in an inquiry by the police, and a study of the corporate spy angle is also being probed. The BPO firm registered an FIR indicating that the email addresses used to interact with the customer of the New York-based debt retrieval firm were illegally obtained from outside the BPO. A competing firm in Thane supposedly has been accessed to one of the email IDs.

In April 2018 the Company entered into an arrangement with the New York-based firm to provide outsourcing services, according to the FIR filed by SJ Amin, senior manager in the human resources department of Bhayandar-based Epicenter Technology Pvt.Ltd. “As agreed, the BPO Operations Section of Epicenter would deal on its behalf with customers of the New York-based company. The firm in New York gave Epicenter its information with a condition that the information should be kept as a secret,” stated a policeman of Bhayandar.

According to the FIR, five BPO staff was given with four NY Company’s email addresses and passwords to enable them to interact on behalf of the company with customers. These data were confidentially communicated with them. “The agreement does not allow accessing confidential data, client list, client material and files from outside the BPO to the effect that this is not stolen or misused. A laptop from the BPO, with a list of clients, email IDs and other confidential information of a New York-based company, was also given to one of the BPO employees, which had access to the four email IDs and passwords. The employee had subsequently left the BPO but did not return the laptop to the BPO. Later, two other employees had also left the BPO,” said the officer.

In April, BPO authorities found that some other computers accessed the four email IDs and also have changed their passwords. “Another company in Thane’s named Wagle Estate used one of its email IDs. Then the officials of the BPO notified the police and made a complaint,” said the officer.

Atul Kulkarni, Sub-Division Police Officer (SDPO) (Mira-Bhayander) said it might be a matter of a competitor’s corporate espionage. “Epicenter Technology filed a complaint on 13 June, accused of providing secret information to competitors. We are investigating the function of some of the BPO staff who had access to the email IDs. We are recording statements of the staff that have left the BPO and also checking whether e-mail IDs etc. are hacked. A case has been registered under sections 43A (Compensation for failure to protect data), 66C (identity theft), 66D (cheating by personation by using computer resource) and 72A (disclosure of information in breach of lawful contract) of Information Technology Act against unknown persons,” said Kulkarni.