Privacy under threat with fake call centres selling user data to corporates

With the Digital India initiative making strides, many people are increasingly uploading and updating their data on digital platforms to conduct transactions.

As a result, a treasure trove of data is available for corporations across the world to be used to sell a myriad of products and services.

However, 33-year-old Puran Gupta and his associates went a step ahead and procured the online data of around one crore people and sold it to prospective buyers.

Gupta and his associates set up a fake call centre, procured data of unsuspecting people and divided it into several categories to be sold to prospective buyers as per their requirements.

On March 4, South East District police had arrested one Ashish Kumar Jha; based on his confession, Gupta was arrested on March 10.

On raiding Gupta's office in south Ganesh Nagar, police found a laptop containing data of around one crore credit card holders. An array of folders was found in the laptop in which Gupta had meticulously categorised his victims.

The list ranged from data of senior citizens, matriculates and university students, to state and court-wise lawyers' data, WhatsApp data, company-wise car owners' data, stockbrokers and election card data.

The data would be sold to buyers at Rs 5,000-Rs 10,000 for 50,000 people.

A single credit/debit card account data was sold at a price of 10-20 paise.

The case came to light when the complainant in the case, Sushil Chandra Rastogi, informed police that someone called him and told that his Citibank credit card has been blocked and if he wants to reactivate it, some details are required. After giving the details, he found that Rs.1,46,000 had been transferred.

During an investigation, Jha's role came to light and it was found that he had earlier worked in several banks and financial Institutions as a sales executive.

In 2013, he became a telemarketer and sold health insurance from his own web portal. For this purpose, he used to purchase data from data providers, which gave him the idea to start his own online credit card cheating scam.

"Ashish Kumar Jha disclosed that he was running a call centre and would procure details of four-five people on a daily basis and sell the same to Puran, who worked as a data entry operator in 2010 and got the idea to procure the data and sell them," said DCP (South East) Romil Baaniya.

However, it was only after Gupta's arrest that cops realised that they had just found the tip of the iceberg.

Gupta had set up a company involved in data collection, data entry and data market research. He used to purchase some of the data, such as credit card information, from Mumbai.

Using the data, the accused would use social engineering techniques usually used by hackers to lure victims from their safe space and make them jeopardise their own security protocol, as was seen in Rastogi's case.

Police are now on the lookout for the main supplier of the credit card data.