- Smart cities in action: Kazakhstan’s Carpet CCTV project sets a new standard
- Join BJ's Wholesale Club for just $20 - here's how
- 5 reasons why Google's Trillium could transform AI and cloud computing - and 2 obstacles
- I finally found a leather band for my Apple Watch that exudes quality (and it's on sale)
- How to make sense of your enterprise data with AI
Insurance Worker Sentenced After Illegally Accessing Claimants’ Data
A motor insurance worker has been given a suspended sentence after abusing his position to unlawfully access personal information related to customer policies, according to the UK’s privacy regulator.
Rizwan Manjra, 44, from Bolton, managed an accident claims team at Manchester-based Markerstudy Insurance Services Limited (MISL), according to the Information Commissioner’s Office (ICO).
The regulator revealed it was contacted by the company after suspicions were raised about Manjra’s conduct.
Initially, third-party insurers that MISL worked with flagged their concerns about 185 claims – a higher-than-normal number. MISL followed up with an internal investigation and found that Manjra featured in 160 of these claims, despite not needing to access them, according to the ICO.
Read more on insider threats: ICO Pursues Traffic Accident Data Thieves
The regulator said that over 90% of these claims had not actually been referred to Manjra’s team and there was no legitimate reason why he should be accessing them.
On digging further, MISL found that Manjra had accessed 32,000 policies at weekends, when he was not expected to work. A subsequent ICO investigation, including a search of the suspect’s home, revealed he had been sending details of the personal information he accessed to a third party via a mobile device.
At a hearing at Manchester Crown Court on October 30 2024, Manjra pleaded guilty to one offense under the Computer Misuse Act 1990, relating to unlawful accessing of personal data held on computers. He was sentenced on November 11 to a six-month prison sentence, suspended for two years, and ordered to complete 150 hours of unpaid work.
ICO interim director of enforcement and investigations, Andy Curry, argued that Manjra abused the trust his employer placed in him.
“We will take action to protect UK businesses and members of the public from threats to their personal information,” he added. “Today’s outcome should send a strong deterrent message to others who may contemplate accessing information which they don’t have a right to look at.”
Insider Threats on the Rise
This isn’t the first time this year that the ICO has been involved in legal proceedings of this sort. In October, it was revealed that two former customer service employees at UK motoring services company RAC received suspended prison sentences for unlawfully selling personal information.
It emerged that they had accessed and copied over 29,500 lines of personal information relating to road traffic accident victims.
In November 2023, a former NHS secretary was fined by the ICO after illegally accessing the medical records of over 150 people, although it’s not thought that she sent any of their personal information to a third party.
Non-profit Cifas has claimed in the past that a combination of the cost-of-living crisis and flexible working practices has led to a surge in insider threats.
It revealed back in April that the number of individuals recorded in its cross-sector Insider Threat Database (ITD) increased 14% annually in 2023.
