
The Tokyo based cyber security company Trend Micro has revealed it has been the victim of a sophisticated insider threat attack. Customer records were accessed and exfiltrated by an employee then used by attackers in a vishing attack on Trend Micro customers.
According to ZDNet:
“Trend Micro has revealed a “security incident” leading to the theft of personal data from customers caused by a former employee.
Suspected to be the work of a Trend Micro employee, the cybersecurity firm says that no external hack took place; rather, the insider pilfered information belonging to clients by accessing a customer support database.
This data was then used to conduct scams, and in August 2019, the company was made aware that some consumers were receiving calls from people pretending to be Trend Micro employees.”
Trend Micro have notified effected customers, believed to be 1 percent of Trend Micro’s 12 million customer base.
https://www.zdnet.com/article/trend-micro-reveals-insider-threat-exposing-customer-data/