I worked for an ISP that uses Openreach’s infrastructure in the UK. In order to make changes to customer installations or repairs we had to call an Openreach Contact Centre. These were basically big call centres in India. Many of my customers got contacted by scammers from India shortly after me contacting Openreach about their accounts using information like their address, contact details and information about the work they were receiving, and demanding things like card details to ensure the work went forward.
It was obvious Indian workers in those call centres were taking pictures of customer account details and using that info to scam those customers, but my company refused to do anything about it because we “lacked evidence” and just told us to let customers know any communication about their accounts would come directly from us and we’d never ask for any card details etc.
I’m certain any other companies, whether UK or US, that use centralised admin from India and similar places with poor security will be plagued with these exact same issues.
To understand how seriously the British take the NHS we did a thing in Scouts where we went around the circle asking the children (aged 10-14) what the liked most and least about Britain. Out of around 20 of the kids, 5-6 said the NHS for what they liked most. The first child to mention the NHS was 11 years old.
The weather was by and far the least liked thing about Britain.