Slashdot Mirror
Offshored Identity Theft
Travoltus writes "The threat of increased misuse of consumer personal data by offshore criminals was first made publicly known with the UCSF Pakistani medical transcriber scandal. Then, in a logical progression of events, it was discovered that foreign criminal interests were offering money to offshored call center workers to surrender consumer data. Now that threat has been realized: Offshored call center staffers at Mphasis BPO have allegedly stolen £200,000 using United States customers' personal information. It is believed that Indian police reacted swiftly to catch the thieves, but only £12,000 has been recovered so far, and it is not really known who orchestrated this theft or where the rest of that money is now. It is also unknown as of yet how much of a mess this has created for the U.S. citizens who were victimized. Let's hope that the people whose information was stolen don't have to go through what other identity theft victims have to endure, to clean up their good name."
Why is identity theft by foreigners considered more scary that identity theft by Americans. I'd bet you $100 that the vast, vast, vast majority of credit card fraud on Americans is committed by their fellow countrymen[0].
[0] Or women.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Please fill in you credit card number, social security number, date of birth, mother's maiden name and your password to all you most important information below:
The worst part about stuff like this is that the system is set up in favor of the person stealing the information. There are what seems to be very few safeguards to prevent the theft of someone's information. However, when it's time to clean up the mess, those responsible for it, including companies that were mishandling the information, are nowhere to be found. Thus leaving the victim to spend excessive amounts of time and money clearing their "good" name. Just proves the only person watching out for you is yourself, so be careful who you trust.
This is one of the biggest problems that I see with our apparently inevitable slide toward an ownership society.
The plan as I read it is to offshore everything with the thought that we'll still own the capital and intellectual property that people who do the actual work will be dependent on. I think incidents like this shine a spotlight on why this kind of thing won't work in the long term. What happens when the people who do the actual work (and that you're throwing the equivalent of scraps to) decide they don't like your arrangement? They change the rules (example: steal people's identities) and you have little recourse since you don't actually do anything and are wholly dependent on them.
I'm a big tall mofo.
The parent is the first dupe post I've seen on Slashdot. Will it get another +5 Insightful? Only time will tell.
:)
Best of luck, Dancin_Santa.
Unfortunately, I am not Wil Wheaton
Putting the focus on the fact that the thieves were working in outsourced operations is beside the point. The necessary assumption for this story to make sense, is that these off-shore workers steal more money from Americans than other Americans do. While I don't have statistics in front of me, I highly doubt that the off-shore theft problem is even comparable to in-house work. Big deal, some people stole a relatively small sum of money... it's only news because those "evil Indians" are taking all our jobs and are now stealing our money too!
"They took er jerrrrbs!"
Though, this time it's not as simple as preventing the future from happening.
The real reason for not wanting my personal information to leave this country is that I have more faith in the laws of my country to be able adequately deter & punish the folks who commit these sorts of crimes. I don't think that non-US citizens are any more or less good people, but they may have less of a deterrent to do the right thing.
it probably isn't the first, I recall seeing similar thing before couple of times. Usually though at least people have the courtesy to not copypaste directly.
anyways.. this is proof of that you could do a slashdot karma-collecting machine quite easily, you would look for similar words in the story text and then automatically repost comments from previous stories that seem like they could be a fit. the discussion is usually general enough and the mods on enough crack to not notice if there's some small thing that goes wrong.
world was created 5 seconds before this post as it is.
"stolen £200,000 using United States customers' personal information"
£200,000?! I smell a rat. What kind of Americans keep that much British money around?
Whatever you tink about Lou Dobbs, it's very irresponsible to just dismiss him as a racist.
Even "nationalist" is nonsense, he's merely pointing out one of the problems with unresitriced and unbalanced "unfair" trade. Now, you could argue this is a good thing, and we could point out the problems and have a discussion. But by labeling him a racist, the only thing you're trying to do is to "shut down" any arguments by coming up with ridiculous ad hominem attacks.
I'm an immigrant to this country, and I'm not a fan of outsourcing. I'm all for other immigrants from all over the world to continue coming here and contributing their talents to our local economies, but there is a problem when now people don't even want to become US residents, because they jobs are being drained away from here. We're about to face a serious crisis, when our technological workforce is being decimated by these companies. And there's nothing racist in pointing that out, nothing.
As for security, I don't think most if any people here are saying that a particular nationality is less trustworthy. But you'd be a fool if you don't recognize that some of the safety mechanism we enjoy in this country, are not as robust or even exist in other parts of the less developed world. As we deal with the poorest of nations, with our sensitive data, we have to be *extremely* careful. Already, there have been incidents of bribing by local crime syndicates in some of these countries to obtain data to steal identities. Can that happen in the US? Of course! But the question is, where is it more likely, and what are the protections we need to employ in these situations.
There's a rich discussion to be had on this topic, but please, try to come up with something better than "they're racist".
I concur. There are bad people everywhere. However, if the countries which host these offshore efforts do not respond to the criminal activities at least as well as the US (which shouldn't be too hard in my mind) then they will lose the ability to either gain or maintain business. Also, consumer choice may have an effect over the long term (similar to the "look for the union label" or the boycott of manufacturers that use child labor/sweat shops). I have no doubt the absence of offshore labor could become a marketing tool in the near future.
"Keep your friends close and your enemies closer."
Closer, in the instant case, meaning the same continent or at least someplace where we can capture and prosecute the fsckers.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
You forgot to offer chocolate for it...
--- "To pee or not to pee, that is the question." ---
Take a hike pal. American Capitalism did exactly the same things to 3rd world Latin American countries if not worse than what Lou Dobbs describes as happening to "Americans" (Read aging white urban professional crowd). His incessent rant about illegal aliens is pathetic. Illegal aliens (mostly mexicans) are everywhere. They do all menial work. Instead of crediting them for doing these jobs, he is trying to make them untouchables. He never presents the other side of the coin and he is a journalist. I dont see why the person who called him a racist should!
If you are willing to lick shoes to immigrate to America and others are not, thats your problem. (You wearing an american flag for a tshirt doesnt change the fact that you jumped through hoops to achieve immigrant status and everyone knows it.) Whether you like it or not, outsourcing will stay, because thats the way capitalism works. If you dont like it, go back to where you came from - you might find a job. Your opinion doesnt matter unless you are ultra rich.
Finally: Welcome to America. Land of Opportunity. And Lou Dobbs is a pretty pathetic attempt at covering up racism.
While offshoring of these type of jobs may be inevitable, I would expect companies to be damn sure of what they are doing if they are handing my personal details to a third party, especially one outside the US
While dealing with identity theft happening within the US is bad enough, it would be a nighmare trying to sort this out when it happens overseas. ... i.e you are essentially at their mercy.
This does not mean that people outside the US are any more (or less) dishonest than within. But when you try to track down criminals in another country you are essentially at the mercy of the police in that place, and there may be no way of compelling them to help
All you touch and all you see is all your life will ever be
That's all that matters to upper management -- savings. Now, with many offshoring efforts only yielding 10 or 15% savings, what does an event like this do? It blows any potential savings, resulting in a net loss. Nice going, Mr. Shiny Hair And Teeth Strategic-Thinker!
Now, this question is directed at those big-shot CIOs who troll here, let me ask you something (feel free to reply as ACs). How much money does something like *this* cost your precious bottom line? And when it happens again, then what? What could possibly happen that would make you think "Gee, maybe our technical staff shouldn't live on the other side of the world and work for somebody else (including our competition)?" Or does that even matter?
Yeah, yeah, I know... Fugeddaboutit, it's purely rhetorical. I realize that employment horizon of the corporate ruling class is only as far ahead as their golden parachute payout. I'm sure you'll find a way to blame these failures on somebody else, Mr. Executive, and your replacement can implement a new strategy for cleaning up the mess.
Sure location matters. If your employees are nearby, you can keep tabs on them. You might even be able to directly affect their morale in a positive manner.
Either way, you can keep better control of things.
Also, culture is relevant in these matters. Some countries have traditions of institutionalized graft. To casually gloss over such differences is the real racist notion here.
What you are promoting is pretty much equivalent to the notion that if you speak slow enough everyone will understand english.
A Pirate and a Puritan look the same on a balance sheet.
"The threat of increased misuse of consumer personal data by offshore criminals was first made publicly known with the UCSF Pakistani medical transcriber scandal"
As a Pakistani, I am somewhat offended by the incorrect assumption made here. The medical transcriber was not paid for her work. She then "threatened" to release the medical data of various patients. Desperate mesure for sure, but she really didn't have much recourse. She couldn't take them to small claims court in Pakistan or something like that. Does this make her a "criminal" as suggested by the story? I hardly think so.
I think the issue underscored here is risk vs. reward. For someone in the US 30,000 USD isn't *that* much, not enough for many of us to risk jail time. That amount barely covers a years salary for many and I'd say for most reading this site it is way less then a years salary. If you're making $2.00/hr that is a LOT of money. Now we are talking almost a DECADE of salary.
Maybe it's not the same story but both stories originate from Pune, India and both deal with employees of a call center transferring money in the amount of Rs 1.5 crore.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
My aim was certainly not to give the impression that I distrust people outside the United States but rather to discuss the idea of the purported plan for an "ownership society" within the U.S. of:
1. US Workers do menial labor
2. US outsources menial labor
3. US Workers do skilled labor
4. US outsources skilled labor
5. US Workers own everything and do no labor
6. US outsources all labor
What do we expect will happen? Why will we "own" everything? Because a piece of paper says we own it. What happens when the people that actually do the work tear up the piece of paper?
I think incidents like this are tiny examples of what's to come.
I'm a big tall mofo.
There is a remedy for handling this in the future for US citizens. We need to push our legislators to enforce it, which is obviously hard to do.
US Corporations are legally (criminally and civily) liable for the accuracy and protection of data that they collect on US Citizens.
This then needs to be negotiated into international treaties.
This would make a given company think twice about what information it really needs to be collecting, and how it will be protected. If the company wishes to outsource work, fine, that needs to be disclosed, and the company still remains liable for the protection of that data.
There need to be laws, and the laws must have teeth. This is a "service" that companies are carrying out "in the public trush." They need to be penalized for violations.
The Washington DC area metro system recently went to electronic cards for paying for using their parking garages. The all of a suddent realized that low paid workers that have large ammounts of money passing through their hands on a daily basis are a bad risk in terms of theft of said money.
Comment maid by other people: "No shit, Sherlock." and "Duh!"
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
FYI, Lou Dobbs was called a racist by Al Franken for using the term, better close your eyes, "illegal alien".
Another group of people are mad at him for writting "People who come to the US with H-1B and L1 visas don't pay any taxes, and they return home with all the money they earned here. They are all cheap foreign labor."
If you think thoses are racist terms then don't click on the link to slashdot.
I wonder how long before class action lawsuits arise out of this. It seems reasonable to assume that outsourcing and offshoring of this sensitive personal information would be a risky practice and could even border on negligence.
It's not about trustworthy people. You will find those anywhere. It's about the people who now have access to our personal data being outside of our Legal and Law enforcement system. In the UK they have a data protection act which restricts personal data from going outside their country. The U.S. would be wise to adopt such a policy. One would think it would be a no brainer these days with our talk of being tough on terrorists. In light of recent news of our borders being porous and our domestic response teams being ill prepared. It really makes me wonder if we are really still that concerned about domestic terrorism.
On behalf of American Identity Thieves Workers Union I would like to strongly protest against this clear
loss of jobs of American people!
Indian identity thieves steal our, American thieves jobs and endanger our true American way of life!
I honestly believe that our government should do something about it!
We need more control over our own credit reports, since advancing our lives is completely dependent on them.
IIRC, it's very very hard for foreign companies to get Chinese companies prosecuted. India may be very law-abiding; be aware that that isn't a universal trait.
For the love of God, please learn to spell "ridiculous"!!!
I think incidents like this are tiny examples of what's to come.
Exactly. It's already been proven in Argentina after the financial collapse there (brought about by too much outsourcing and too many large tax breaks given to foreign big business by President Menos, btw). One evening, all the foreign multinationals, including the banks, emptied their safes, chained the doors, and fled the country under cover of darkness. The next morning, the workers showed up to work and found they were all out of jobs. After sitting around moping for a while, they said "screw it", kicked the doors of the now-vacant factories down, started up the machines, and continued producing their product. They pay themselves all an equal wage, out of the profits. They call it fabrica ocupada, "occupied factory". Please note that Argentina was very prosperous, comparable to Canada or Australia.
Now the old owners have found out that the workers are able to cut prices on their products (while still maintaining quality), because the wages of the owners and the management perqs -- golf trips, planes and whatnot are actually the biggest wasteful overhead -- and demand possession of their abandoned factories back in order to stop the "people" from competing with them (they still make their goods elsewhere and ship them into Argentina).
You forget one detail - the poorer the country, the bigger the value that USD 100 has. Most americans would not risk their freedom for 10,000 USD, but for somebody in a poor country that is enough to retire on... so people are more tempted.
It is an inevitable consequence of exporting jobs to lower-paid workers - the temptation to steal is much greater.
Have fun posting.
Do you always enjoy copying and pasting your own comments from previous articles? Post from 4 days ago
Imagine US call center workers... Let's say they make ~$35K/year.
How much do they need to be offered before they'll break the law? 2x salary? 3x? more? Remember, the workers are withing US jurisdiction and will probably be identified. It needs to be enough money to "get away." Let's say 3x salary.
$105K (3x salary) is almost 30 percent of what the thieves stole.
Now, export that job to someone getting paid $8K/year and it not only makes it cheaper for the company outsourcing the work, it also makes it cheaper for the thieves. 3x salary would only be 6% of the take.
And, it may not even require that much money. Being overseas places the call center staff well out of US jurisdiction. Unless the offense is something particularly vile, nations (US included) will generally protect their own.
While I agree that there are bad people everywhere I believe that sensitive data should not be sent out of this country. SSN is an example of something that is used for to many things. I think having tax returns processed oversea's is a really bad idea. Relying on other countries police forces to secure our private data is stupid! I think in time we will all find that all this outsourcing is going to change our way of life for the worse.
Well going by the summary, in this case the authorities did act swiftly, so it looks like India is a Good country and the story's emphasis on the location is mostly due to xenophobia.
BTW, here in Canada, we're very weary of companies who outsource some of their information processing to USA. US has very little privacy laws and worse, it has the PATRIOT ACT, so we'd rather spend more money and keep our info away from USA where it can be easily and legally bought by large corporations or copied by the government.
hahah, good luck getting a even a mediocre job without showing some ID, and probably being subject to a credit check. So I'd agree with you that it would be great to live that way, except we don't have a free society in which to do it.
That's so Polyanna it almost makes me picture you with pig tails. ;) In the countries you listed 30 or 40 grand is a lot of money. Enough to buy influence with regional authorities who might decide to drag their feet for a piece of the action. Pretty soon the local governments are sidelining their income with identity theft.
This is only the beginning of problems and these people were a bunch of low-level amateurs. Once foreign governments figure out how to monetize that information then you're really going to see some serious shit.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Not really. You give most people the opportunity to acquire ill-gotten gains without risk and give them a reason to rationalize it, they will commit the crime 8 times out of 10.
You get what you pay for.
Do you honestly think that somebody could actually go unpunished doing what the Pakistani woman did with confidential medical records in the US? Offshoring has turned into a race to the bottom. I think that companies that put their customers' information at risk by sending it to places with lax privacy laws should be subject to a tax of 50% of their total earnings. The funds of this tax will be used to help ID theft vitctims get their lives back together.
"Do I dare disturb the universe?"
what's more, until I got a green card, I had no hope of ever seeing any of that money back should I need it.
WTF is this goober talking about? The only way you get to send money home without paying taxes is if you're paid under the table. And that's usually crap jobs doing crap for crappy people.
If you have an H1-B (or any other kind of visa) you can't slip under the radar and expect to get away with it.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Easy one first:
>>bad people are there in the US too,
Yes, and since they're in the US, in the employment of US companies, they may be easily and switftly prosecuted and stolen money may more easily be recovered. This is not the case in a country strattling the first-world/third-world fence. Hiring a lawyer to represent a foreign company on the other side of the world isn't easy, cheap or effective.
Now, the other point.
>>saving are much more that 10-15%, more around 60-70% atleast.
70%? No way, no how. Don't believe everything the marketing weasels tell you -- they're salesmen who get paid for getting your CIO to sign a contract, delivering results is somebody else's job and by that time the salesmen are long gone.
According to the big consulting firms, a very-well-executed offshore program *may* return 40% savings. In the case of a particular Fortune 100 with which I'm familiar a forecast (and we know how accurate those figures are) savings of 30% *may* only *potentially* be realized after the "startup" phase (i.e. first couple of years) during which there are no savings whatsoever because permanent staff must be pulled off assignments to train the replacement workers, startup/training costs are factored, software licensing costs are added (~4000 per seat at my shop) during the 1st year the offshore staff isn't handling all the support tasks (permanent staff is kept as "3rd/4th line backup", offshore "scouts" are flown to US to gather information, meetings to assess the effort are conducted, reviews of metrics, etc. etc.
In other words, some companies are spending A LOT more up front to offshore, with the hopes that somewhere down the line, years from now, when the permanent staff is fired, the company might save a few bucks. That's if everything goes perfectly, which it won't.
So far, many companies are just spending more and crossing their fingers, hoping the consulting companies deliver on promises.
How can they get by with this? Startup costs for offshoring efforts are put into a different slot by the accountants than operational costs which tends to mask the real spendings and underline the "savings." So it looks like a win-win situation which in fact it's a washout over a three or five year span.
Argentina was prosperous in the 1920s, but after that it has always been an "upper middle class" third-world nation at best.
And the rest of your comment is a "Marxist Polyanna" type of thing, something you must have cut-and-pasted from some play for kids in Stalinist Russia. What really happened in Argentina was that the country held its currency so overvalued for so long that eventually all its foreign currency reserves were gone and the country started defaulting in its payments.
Argentina, for the last 30 years or so, since Juan Peron last became president, has been a total example of fiscal irresponsibility. In some provinces 40% of the people were employed by the state. You can't pay so many people doing non-productive jobs without taxing the rest of the people 100% of their income.
The result was an inflation that eventually topped 200% in a month and the economic problems that get partially controlled from time to time only to rise again a couple of years later.
And the rest of your comment is a "Marxist Polyanna" type of thing, something you must have cut-and-pasted from some play for kids in Stalinist Russia.
The result was an inflation that eventually topped 200% in a month
Of course the real answer is that both of you are correct. The inflation did go out of control, The laborers did in fact restart the abandoned factories. The latter did help to contain the former: the worker-owned factories paid lower wages (remember, these were people who now had zero income, and a low wage is better than zero) and produced less expensive goods, countering inflation, much as Wal-Mart has done in the US (without being worker-owned).
Say my visa company is broken into and my personal info (ssn, mothers madien name, etc.) is copied by the perps in say India. Now, a year or so later, some dork in Easter Europe is using my personal information to get credit cards, home loans, whatever. How do I know that the personal information compromised through my visa company was used to assume my identity? It could have just as easily been someone who patiently taped together my shreaded documents or some other company with my personal information that was compromised.
Because so many people have my, and other peoples personal information, the burden of proof for many of these cases is pretty high. In many (most?) cases, it's prohibitively high.
-- john
I really wouldn't expect this story to affect anyone's bottom line at all.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
What is East Indian? Is there a Red Indian police? West Indian police? Who wrote this? Do people still live in world of "East Indian"? Wake up and learn respect.
where did my sig go? where's my sig at?
And then worry about international identity theft.
I can understand being worried that your personal information ends up being sent outside of your country of citizenship as an effect of outsourcing. It doesn't really matter where it's shipped to, as soon as it crosses the border, it becomes that much harder to catch and prosecute.
The thing is, if people want something badly enough, they will put up with the risk of identity theft. And some people just don't care enough or know enough to take simple precautions. I'll give you an example. I work for a Canadian company that takes orders from both Canada and the United States. We do not take orders through our email, because we do not have any kind of security with regards to our email system. When we contact clients, we specifically say not to email us credit card numbers, expiry dates, or other sensitive information. This isn't in the fine print, either, it's right in the body of the message! Yet people email us that kind of information all the time. And although an American tracing identity theft to Canada is probably a hell of a lot easier than tracing it to India, and our laws are similar in many respects, we are still accross a border. As such it would be significantly more difficult to trace and prosecute an offence committed in Canada from the States.
Identity theft, nationally or internationally, will not stop until people start taking personal responsibility for their information as much as possible. It's like locking your door whenever you leave the house -- a determined theif is not going to be deterred by a lock when there is a window that can be smashed. Locks are just there to keep honest people honest. At least protect yourself against crimes of opportunity.