Illegal data farm found in Liverpool and raided by ICO

ICO enforcement officers exercise warrant and seize computers from two addresses in Merseyside

Computer covered in police tape

The Information Commissioner's Office (ICO) has raided two addresses in Liverpool over suspected data trafficking, the watchdog has said.

The sites belong to a business that has been under an ongoing investigation into the acquisition and sale of illegally obtained personal data. The business is thought to have carried out high volumes of data farming activity, known as vishing, to illegally obtain the personal data of motor accident victims to sell on to solicitors for fraudulent personal injury claims.

Two teams of ICO enforcement officers executed search warrants at a business and a residential address and seized computer equipment and documents that will be analysed for evidence.

"Today's searches will fire a warning shot to businesses who operate outside the law by engaging in data farming," said Mike Shaw, the ICO's group manager for enforcement. "The evidence seized will help us identify any illegal business activities and assist us to take enforcement action."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The raids follow a six-month investigation, conducted in partnership with the Insurance Fraud Bureau (IFB), which suggests the business was in violation of the Data Protection Act 2018 and previously under Section 55 of the Data Protection Act 1998.

The ICO believes the business has been carrying out this illegal activity since November 2017.

Vishing, or voice phishing as it's known, is a form of fraud conducted via telephone. A third-party will attempt to obtain private, personal and financial information within what seems like a normal conversation. Often callers pose as policy holders, claimants or other companies in a position of trust.

According to the ICO, vishing calls to the insurance industry are frequently made by marketing firms or claims management companies in order to obtain information from insurers to enable referrals to law firms for personal injury claims to be initiated.

It's been a busy month for the UK's data watchdog. On Tuesday it hit the Met police with two enforcement notices after if found a backlog of over 1,700 subject access requests from UK citizens had been left unanswered.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020