Crash victims plagued by calls after RAC worker stole information
Former staff member fined £5,000 after investigation finds he illegally stored data from 272 accidents
A FORMER employee of the RAC has been found to have stolen data on crash victims after 21 drivers were harassed by accident claims companies.
Asif Iqbal Khan was fined £5,000 after an investigation by the Information Commissioner’s Office (ICO) found he had stored data from 272 separate incidents on his phones.
The 42-year-old was working as a customer solutions specialist when in 2019 the national breakdown company received complaints from suspicious drivers who had been phoned by claims companies in January of that year.
A review by the RAC discovered that he was the only person who had access to the details of all 21 crash victims.
Further investigations uncovered instances of Mr Khan furtively taking photographs of his computer screen with his phone. A customer receipt for £12,000 was also found.
He admitted two counts of data theft when he appeared at Dudley magistrates’ court in the West Midlands earlier this month and, along with the fine, was ordered to pay court costs as well as a £170 victim surcharge. Stephen Eckersley, ICO director of investigations, said: “Being involved in a road traffic accident can be deeply distressing – to then have this data used and then stolen as a result, adds insult to injury.
“We know that receiving nuisance calls can be hugely frustrating and people often wonder how these companies got their details in the first place.
“This case shows one such way that it happens, but it also shows how we are working every day to track down and bring those who commit these crimes to justice.”
The RAC said it would not be commenting on this particular case.
It is the second time in recent years that an RAC employee has been convicted of collecting data that was later allegedly used by claims companies.
In January 2021, Kim Doyle received an eight-month suspended prison sentence after it was found that she had transferred personal data to an accident claims management company without authorisation.
The 33-year-old pleaded guilty to charges of conspiracy to secure unauthorised access to computer data and to selling unlawfully obtained personal data, at a hearing in January 2020. She was sentenced a year later.
A fleet management company alerted the RAC to nuisance calls received by one of its staff members after a crash.
This prompted the RAC to perform a data leakage scan of its online mailboxes, where it found evidence Doyle had been compiling unauthorised lists of customers.