P2022-ND-057

Direct Energy Marketing Limited

On July 19, 2021, the Organization learned that an individual located in India was contacting the Organization’s customers purporting to be a representative of the Organization (the “Fraudster”). The Organization discovered that the Fraudster had been provided authorized access to certain customer information by HCL Technologies Limited (“HCL”). HCL is a contractor that provides customer support services to the Organization. The Fraudster was a customer service agent of HCL located in India who was first provided access to customer information in April of 2021. The Organization believes the Fraudster was misusing his authorized access to customer information in order to attempt to commit fraud by directing customers to pay invoices using payment information that would result in the diversion of funds. On July 19, 2021, HCL alerted the Organization and the Fraudster’s access to customer accounts was immediately terminated. The Organization reported that one customer was defrauded. Two other customers were contacted by the Fraudster but not defrauded.

File Type: pdf
Categories: 2022
Tags: Unauthorized access