Sign in / up

back to article RAC duo busted for stealing and selling crash victims' data

Two former workers at roadside assistance provider RAC were this week given suspended sentences after illegally copying and selling tens of thousands of lines of personal data on people involved in accidents. Debbie Okparavero, 61, of Salford, and Maliha Islam, 51, of Manchester, had worked as customer services specialists at …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. lglethal Silver badge
    WTF?

    Wait a second...

    An unknown third party?

    Surely any decision on suspending the custodial sentence should be based on the defendants co-operating in full with the investigation? Not handing over the purchasing scrote sounds like it should be grounds for NOT suspending the sentence...

    32 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Wait a second...

      Because the last government didn't do enough to address the prison system filling up, there is no spare capacity and the courts are under pressure not to impose custodial sentences if they think offenders aren't a public danger. A suspended sentence means little for most criminals as they always reason they won't get caught (or caught again), a few hours littler picking isn't going to spoil their life, so remains to be seen if the proceeds of crime hearing will result in any penalty that stings.

      Regarding the third party, if there's an ongoing investigation (or the possibility) then they can't name names.

      10 2 Reply
      1. Rol
        Reply Icon

        Re: Wait a second...

        The duo are well and truly done for. Their careers as well paid keyboard monkeys are over. They might get jobs shepherding trolleys around a supermarket car park, or burger flipping, but that's about it.

        The impact of their foolishness might not have hit them yet, but their future job experiences will be a constant reminder.

        14 0 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: Wait a second...

          How do you work that one out?

          You don't need a DBS for office jobs. Agencies aren't going to DBS check you because it costs a lot money when you are doing for every single candidate on your books you put forward for a role.

          All they will have is a gap on their CV that needs explaining and a bit of right to be forgotten with google.

          3 0 Reply
          1. Plest Silver badge
            Reply Icon

            Re: Wait a second...

            Been on many interviews lately? Last one I had 9 months ago they requested access to look up me up social media and do a basic background check with official third-party agency. I refused the first ( they're going to do it anyway! ) but refusing the second would have sounded very dodgy so I agreed. I've never so much as had a parking ticket or a missed CC payment, squeaky clean to the core.

            5 0 Reply
          2. Outski
            Reply Icon

            Re: Wait a second...

            The last DBS check I had (for a bank, about ten years ago) I had to pay for myself, only about 25 quid, though.

            1 0 Reply
          3. Rol
            Reply Icon

            Re: Wait a second...

            Every office job I have ever had required at least a DBS check, often more.

            Imagine the court case brought against the employer of one of them, when they try it on again, while working for a company that didn't bother to do the simplest of background checks?

            0 2 Reply
          4. Jimmy2Cows Silver badge
            Reply Icon

            Re: Wait a second...

            Agencies always pass the DBS check cost on to the candidates. They never foot the bill themselves. The candidates are mostly willing to pay it, because not paying it means no chance of work with that agency.

            0 0 Reply

    2. This post has been deleted by its author

    3. cyberdemon Silver badge
      Reply Icon

      Re: Wait a second...

      So the "unknown third party" - presumably some ambulance-chasing law firm or even a scam call centre (why not both) which bribed RAC employees to siphon off customer data, gets off scot free? And still has the data, of course.

      9 1 Reply
      1. Richard 12 Silver badge
        Reply Icon

        Re: Wait a second...

        More likely those entities are still subject to investigation, so cannot be named lest it damage the prosecution.

        Not endangering ongoing investigations and prosecutions is one of the hallmarks of actual journalists.

        3 0 Reply
      2. Outski
        Reply Icon

        Re: Wait a second...

        Even ambulance chasers need to keep their noses clean wrt the SRA

        0 0 Reply
  2. Korev Silver badge
    Thumb Up

    Well done RAC, it sounds like they pretty much did everything correctly (apart from maybe employ them in the first place).

    6 0 Reply
    1. Colin Bull 1
      Reply Icon
      Unhappy

      RAC did everthing correctly?

      To mind this is RACs fault because they have not patched the security hole this leak that used at least 3 times before.

      2 2 Reply
    2. Missing Semicolon Silver badge
      Reply Icon

      Rubbish. It's been going on for years. Got my credit card scammed soon after paying for an accident recovery 2 or 3 years back. Poor supervision and training.

      5 0 Reply
      1. John Brown (no body) Silver badge
        Reply Icon

        And not enough automated system auditing. Access to PII data ought to be audited and the system should trigger and highlight anyone accessing more than expected. That not only will catch the people like these crims, but may also highlight those more productive workers not otherwise recognised. It's not that hard to do and as you rightly say, RAC have past experience of exactly this issue and have not yet properly addressed it. From the article, it sounds as though there were suspicions aroused and they were specifically targetted with some unspecified monitoring software.

        3 0 Reply
  3. Mentat74
    Devil

    Selling 'victims' data...

    Cool.... Now do Facebook.... Because I sure as shiat don't have an account with them, Yet they DO gather, store and sell my personal information !

    9 0 Reply
    1. Roland6 Silver badge
      Reply Icon

      Re: Selling 'victims' data...

      This was the other surprise in this case, no mention of how much the pair actually made for this scam, which would indicate it wasn’t as renumeration as they had hoped.

      2 0 Reply
  4. heyrick Silver badge

    I don't know what is more shocking

    That they got a slap on the wrist (you can be sure they were profiting from this) or that the ICO actually did something.

    However, for those whose crash information was involved, depending on who the recipient was, this may well be rather far from justice being served.

    3 0 Reply
  5. Chris Evans

    The accident claims management company should have been in the dock with them

    In this and the 2021 case It shouldn't be too hard to find out who the accident claims management company was! Even if they were paid in cash surely they just need to ask those people who's details were stolen who contacted them?

    I know many people will just have put the phone down or ignored the email but a significant proportion must respond otherwise it wouldn't be worth the money.

    6 0 Reply
  6. Gordon861

    150 Hours community Service

    So how much did they make from this scheme to sell 30K lines of details?

    Do they keep the money?

    I doubt they were taking the risk for a £1 a contact, £5 might make the risk worth it, for 150 hours work afterwards.

    2 0 Reply
  7. arachnoid2

    What about the end user

    What about the people whos data was shared are they to get compensation and advice from the RAC or is this just media marketing ?

    8 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like