IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Businesswoman sentenced for illegally deleting company files

Danielle Bulley accessed a company’s servers months after resigning as director from a previously linked firm that went into liquidation

Person types on laptop in the dark

A woman has been prosecuted under the Computer Misuse Act (CMA) 1990 for deleting thousands of crucial files from the servers of a company that went into liquidation. 

Danielle Bulley, former director of a property marketing firm, was found guilty of gaining unauthorised access to the servers of a new company that was created from its remains and deleting more than 5,000 documents.

The 58-year-old was charged with computer misuse offences and given an 18-month community order and unpaid work requirement when she appeared for sentence at York Crown Court, according to the North Yorkshire Police.

“During our investigation, it became clear that Bulley had left the original company on a bad note, but the deletion of thousands of files containing vital information was catastrophic for the victim. It dealt the new business a blow from which it never recovered,” said detective constable Steven Harris of the Cyber Crime Unit.

“Ex-employees can pose a serious risk to a business because they are familiar with the company’s IT infrastructure and procedures. This can make it easier for them to carry out cyber crimes against their former organisation.

“We encourage businesses to ensure they have policies in place for removing user accounts and changing passwords when an employee leaves an organisation.”

Bulley resigned as a director from the new property marketing business, which was launched using the assets of the old company after it went into liquidation. Several months later she gained access to the new company’s servers and permanently deleted all their data. 

The individual who ran the new firm said her actions caused job losses and financial losses of nearly £100,000. The damage to the company was so extensive, he added, that the company could no longer operate and was forced to go under.

Related Resource

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The North Yorkshire Police was approached and the Cyber Crimes Unit launched an investigation, with digital forensic investigations showing that company data had been remotely accessed by somebody using Bulley’s IP address.

She was questioned and admitted to deleting the files, which she believe she was entitled to do, though she said she knew so would disrupt the operations of the new company. 

Only a handful of people are charged under the CMA 1990 each year, perhaps a few dozen according to the constabulary, and cases often tend to be isolated and localised. One example, from 2018, involves a motor industry employee being sentenced to six months in prison for accessing customer records using his colleague’s login details.

However, an organisation earlier this year branded the legislation as out-of-date and claimed it prevents cyber security professionals from properly doing their jobs. In a report published in January,  the Criminal Law Reform Now Network (CLRNN) said the CMA imposed restrictions on journalists and academics investigating cyber threats in the public interest and is in dire need of reform.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Open source giant Red Hat joins HPE GreenLake ecosystem

Open source giant Red Hat joins HPE GreenLake ecosystem

28 Jun 2022
Carnival hit with $5 million fine over cyber security violations
cyber security

Carnival hit with $5 million fine over cyber security violations

27 Jun 2022