Indian outsourcers may have diddled bank

The three were employees of Msource, the business process outsourcing unit of Indian firm MphasiS.

According to Indian press reports, the three allegedly stole the money from the accounts of four Citibank customers using usernames and passwords obtained in the course of their work. The customers notified Citibank, which then tracked the activity to the Pune centre. Nine others are involved in the theft.

Analyst firm Forrester told the Australian press that the theft would have wide reaching effects on outsourcing operations in India.

John McCarthy, vice-president of Forrester's Asia-Pacific operations said that this incident, along with other leaks of customer data, will have far-reaching connotations for the offshore bank office operations.

Ironically it shows the weakness of the certification system, which is supposed to guard against things like this. The centre in Pune was BS 7799- and CMM Level 5-certified, yet the fact that such a theft took place shows that such assurances probably aren't worth that much.

Indian outsourcing outfits have also had other security problems lately. In mid-March, the main Bangalore premises of both Infosys Technologies and Wipro were evacuated following bomb hoaxes. The huge outsourcer Wipro was the target of a bomb hoax last month.

More here.