Customer databases are one of a company’s most important assets, and nowhere is this more true than in organisations whose core business is lead generation and database sales. Databases are popular, as emails are inexpensive, easy to distribute, and are a highly targeted and effective way of reaching an audience. Unfortunately they have also become an attractive target to malicious insiders.
Louise Robinson, MD of CG Consulting, says businesses looking for databases and lead generation services must beware the “fly by night” companies springing up – many of whom are basing their offerings on stolen data. “There have been an increasing number of companies starting up over the past few years who have claimed to have exclusive databases and have been selling those to unsuspecting customers who have no idea they are stolen, and often out of date. Lead generation companies are only as good as their databases, and if the data isn’t constantly updated, these quickly become worthless.”
She says that data theft has long been an issue for businesses of all types, particularly when employees leave to either start their own business, or to join a competitor. This is particularly worrying when the theft relates to customer information.
“It is always surprising that companies would engage in such dishonest business practices. It just shows that insider threats come in all shapes and sizes. Often, they are disgruntled employees or ex-staff who have taken the notion into their heads that the business has somehow wronged them, and they feel justified in gaining revenge. Some of them are wanting to start competing businesses, but are too lazy and dishonest to do the legwork themselves.”
She says the loss of employees to competitors is also troubling as there is further danger of intellectual property, proprietary data and policies being leaked or stolen. “This challenge is compounded by the fact that taking any action is extremely difficult without strong evidence of theft, a full understanding of exactly what has been stolen, and a deep pocket to cover potentially considerable legal and other expenses.”
According to Robinson, it’s extremely difficult to identify stolen data. “Whether it’s a client database or one containing the details of your competitors, that information can be found if you have the time and the resources. This makes it hard to recognise if that database has been honestly compiled, or has been stolen. Businesses looking for databases of potential leads trust that their lead generation provider is honest, but that isn’t always the case.”
There are a few ways to tell the legitimate lead generation providers from those using stolen data, Robinson explains. “Firstly, establish how long they have been in business and what their credentials are. If they have only been operating for a short while and don’t have a decent client list, alarm bells should start ringing.”
The list of customers is especially important, she adds. “An honest business will share its client list, and will have reputable companies as customers. If a lead generation company can’t provide good references, chances are they are dishonest.”
Ultimately, stolen data is a concern for all parties: the supplier, the purchaser and the people who are listed on the database, she says. “Lead generation is a specialist business, and requires that certain regulations be followed in order to insure the integrity of the information in a database. This includes making sure that the data is not proprietary and does not infringe on any privacy laws. Those companies buying stolen data may inadvertently be breaking those laws, and putting themselves – and their potential clients – at risk.”
Choosing an established and reputable supplier is therefore vital, Robinson concludes. “There are a number of reasons companies should thoroughly evaluate the lead generation specialist they use, not least of which are the legal and ethical implications of buying stolen data. As with any industry, those businesses that have stood the test of time are usually the honest ones.”