Bulldog fingers sacked employee for credit card scam

Pakistani call centres swindle customers

By Chris Williams • Get more from this author

Posted in Law, 29th May 2007 11:49 GMT

Tune into our application security webcast, click here

Cable and Wireless, the former owner of ISP Bulldog, has blamed a sacked employee for the illegal use of a database containing 100,000 customer details.

The firm has taken out a High Court injunction against the woman, named by the BBC as Seemab Zafar, who was canned by Bulldog in 2005 after failing to return as planned from a business trip to Pakistan. She now runs an outsourcing business and has denied any involvement in the data theft.

The breach emerged when customers began receiving unsolicited phone calls asking them for credit card information. According to the BBC, Pakistani call centres tricked customers into giving details which were used to take money and set up fake PayPal accounts.

The injunction demands that Zafar and third parties stop using the data, and tell Cable and Wireless exactly what information it included. The firm said it believes the legal action has led to the destruction of all copies of the database.

Cable and Wireless was keen to point out that accounts which had been attacked by the credit card scam were not directly based on financial data taken from it. In a statement, it said: "There is no evidence that any credit card details have been misused. Indeed, the credit card details in the sample customer information held by the BBC do not match the customer database."

It also said its use of outsourcers was unrelated to the crime. It said: "Make no mistake, we will take every possible course of action available to us to bring this matter to a suitable conclusion and to ensure the protection of Bulldog customers."

Bulldog was bought by Pipex in 2006. ®

See what The Register's experts have to say on application security