Narayan AmmachchiIn January this year, a TaskUs agent in Indore, India, was caught on camera using her mobile phone to snap screenshots of her workstation.
What followed was a storm. The BPO launched a full-blown probe, grilling every team member. Two employees finally cracked under pressure — they admitted to stealing sensitive data belonging to U.S.-based crypto firm Coinbase.
Their confession shook TaskUs. Management immediately informed Coinbase, then laid off all 226 employees assigned to the client.
Months later, in May, the data breach became public with one of the crypto investors suing the BPO in a New York court.
But what stunned the BPO world wasn’t just the breach. It was what the investigation uncovered: the TaskUs agents had been bribed by cybercriminals.
Around the same time, a BPO employee in Jamaica was arrested for stealing concert tickets from a client’s site and selling them on the open market.
In both cases, it wasn’t hackers breaching firewalls — it was trusted insiders cracking the system wide open. Like the fence devouring the crop, the threat came from within. And that’s the crux of the problem: BPOs handle ultra-sensitive client data but often fall short on offering competitive pay. That makes them easy targets for cybercriminals, who know just how easily a bribe can open the back door.
“The insider threat is the most underestimated risks facing the industry today,” said Pranav Dalal, CEO of Office Beacon, an outsourcing and remote-staffing services provider headquartered in Redondo Beach, CA.
Dalal, whose company operates in Mexico, the Philippines, as well as India, warned: “A single employee can cause irreparable damage.”
“Internal actors know the systems. They know when audits are light, when supervisors change shifts, and how to exploit procedural gaps.”
“The Jamaican concert ticket scam and the data-for-sale scandal in India weren’t isolated blips — they are flashing red lights, warning of systemic vulnerabilities.”
Insider threats now account for nearly 60% of all data breaches, according to the 2024 Verizon Data Breach Investigations Report. The Ponemon Institute’s 2023 report says the cost of these incidents surged by 95% since 2018.
“One internal breach can compromise not just a client’s data, but their entire customer relationship, leading to lawsuits, lost revenue and reputational collapse,” Dalal added.
Both the Jamaican ticket scam and the TaskUs incident ended with the BPOs losing their contracts — leaving senior executives scrambling to defend their firms’ credibility.
So, what’s the fix?
When it comes to stopping data breaches, BPOs have few choices left. “Employing cutting-edge technologies and deploying strict monitoring measures are the only options,” said Lou Haverty, founder of Philadelphia-based contact center firm Faster Answering.
Watching how employees behave can reveal a lot, according to Washington, D.C.-based human risk management firm Nisos. In a blog post, it laid out red flags that often point to a rogue insider.
One big sign: unusual work patterns. Agents logging in at odd hours — especially late at night — deserve a closer look. Then there’s online behavior. Frustrated employees may vent on social media, hinting at deeper dissatisfaction. Some may even be actively job-hunting or secretly networking with competitors.
The warning signs don’t stop there. Large data downloads, use of personal devices, or emailing files to private accounts should trigger instant concern. It gets worse when someone tries to delete system logs, tamper with security protocols, or access information well outside their job scope.
If any of those signs appear, it’s not just smoke — it’s fire.
There are many more things to deal with, Dalal suggests. “You should start with rigorous hiring — extensive background checks, behavior profiling and scenario-based assessments.”
And once agents are onboarded “They should be treated as stewards of trust, not just task-runners. Their access to client data should be restricted, monitored, and conditional.”
At Office Beacon, Dalal said, “Every login, file access and screen movement is tracked using biometric authentication and session logging.”
Most BPOs today use AI and machine learning for defense. These tools analyze everything — from keystrokes and screen activity to speech and behavioral patterns.
“These systems analyze vast datasets — keystroke dynamics, screen activity, communication patterns — and flag deviations from normal workflows. For example, if an agent accesses files at unusual hours or starts exporting data in an irregular format, alerts are triggered instantly.”
Still, total security remains elusive, argued Haverty.
“You can never be 100% certain that you will never have a security breach. You always have to be alert to that possibility.”
Add comment