Narayan AmmachchiGlobal BPO provider Sutherland Global Services (SGS) has been thrust into controversy after an employee at its Kingston, Jamaica, office was implicated in a ticket fraud scheme that inflicted substantial financial losses on its client, StubHub.
One of the suspects, Tyrone Rose, along with an unidentified co-worker, exploited their privileged system access to manipulate a loophole in StubHub’s platform, according to a complaint filed with a criminal court in Queens, New York.
The American ticket marketplace had a reseller contract with Sutherland, granting its employees access to specific backend functions. Rose and his accomplice capitalized on this access to resell nearly 1,000 tickets for high-profile events, including Taylor Swift’s Eras Tour, Adele and Ed Sheeran concerts, NBA games, and the U.S. Open Tennis Championships.
StubHub generates a unique URL for each ticket purchase, allowing buyers to download their tickets. Rose and his co-worker infiltrated a restricted part of the system where ticket orders were stored. They then altered the email addresses linked to these orders, redirecting the ticket download links to their associates instead of the legitimate buyers.
Between June 2022 and July 2023, they stole 993 tickets across 350 orders, with the majority coming from Swift’s Eras Tour, thanks to its record-breaking demand.
When StubHub uncovered the fraud, it swiftly terminated its contract with Sutherland and alerted law enforcement.
New York police have arrested Tyrone Rose and Shamara Simmons, while a third suspect remains on the run. A fourth accomplice died before facing charges. Rose and Simmons are now confronting serious charges, including grand larceny, computer tampering, and conspiracy, which could result in prison sentences ranging from 3 to 15 years.
Could it be Avoided?
The case has ignited major concerns about security oversight at Sutherland, leaving the global BPO firm scrambling to contain the fallout.
Jared Koll, a CX advisor based in Minneapolis, Minnesota, believes Sutherland could have averted the incident had it implemented “AI-anomaly solutions.” These tools monitor agents’ behavior and flag high-risk actions, such as accessing unauthorized databases.
“Further, geo-fencing and device security could have stopped these agents from accessing unauthorized systems in the first place, through permissions and device access controls.”
After discovering the fraud, StubHub promptly issued a press release and announced the contract termination. However, Sutherland has remained silent, neither making a public statement nor responding to Nearshore Americas’ email inquiry.
“We don’t know the internal steps SGS is taking, but if we were advising them, we’d expect a full post-mortem and an RFP process for upgraded security infrastructure,” Koll said when asked about potential next steps.
“If you are a Jamaica-based BPO that is NOT SGS, you should launch a full messaging push, publicly highlighting the compliance improvements you’ve made since 2024.”
Jamaica’s Reaction
According to Radio Jamaica, Wayne Sinclair, president of the Global Services Association of Jamaica (GSAJ), said the incident has cast a long shadow over Jamaica’s BPO industry.
This is partly because the accused are Jamaican nationals who likely exploited the trust Sutherland Global placed in them.
Sinclair called for hefty penalties on employees who engage in such crimes.
“Such (punishments) will act as a real deterrent to people who may be thinking about doing this because I think right now there’s a sense that it’s worth the risk.”
However, the GSAJ President emphasized that all BPOs have enforced stringent security protocols to safeguard client data. He stressed that this breach occurred due to a betrayal of trust by employees.
“Our BPOs have strong, independent relationships with clients, reinforced by frequent client visits to our locations and rigorous inspections of our physical and IT security protocols and processes.”
“The confidence of our collective client base in our service is rooted in these trusted personal relationships.”
Add comment