Enterprise Data Thief’s sentenced following ICO investigation

Updated: Apr 13


The source of this article came directly from the ICO blog and was dated in January 2017 (this was before GDPR had come into effect)


Previous employees of Enterprise-Rent-A-Car have been sentenced for contriving to take client data that accident claim organizations could use to make nuisance calls and sell on as personal injury claims. Details of a huge number of clients from the vehicle contract organization were sold for a huge number of pounds, prompting unlawful contact from ’emergency vehicle chasers’ creation cold pitches about personal injury claims, in a plan that kept running for over two years. Andrew Minty, Jamie Leong and Michelle Craddock, who at different occasions worked for Enterprise in Cardiff or Aldershot, all confessed at Winchester Crown Court on 4 January to conspiracy to commit offences under the Data Protection Act. Minty was fined £7,500, which he needs to pay inside two years or face three months. Leong and Craddock, who had less association in the scheme and had either paid more prominent measures of harms or been influenced more by past common procedures, were given one-year contingent releases yet requested to pay £3,000 and £1,200 in prosecution costs separately.

As criminal procedures brought by the Information Commissioner’s Office, Enterprise-Rent-A-Car also recently issued civil proceedings against the defendants. This brought about the litigants paying the organization £400,000 in common remuneration altogether between them.


A fourth respondent remains wanted on a warrant.


Steve Eckersley, ICO Head of Enforcement, said: “Car rental companies have details of drivers who have been in a road accident and need to hire a vehicle whilst theirs is out of action. These details are valuable leads to companies which make money from encouraging accident victims to make claims.

“This prosecution was the result of an ICO investigation brought about after Enterprise found out what was happening. These individuals had a long-running agreement to abuse the trust placed in them to look after precious personal details. The problem of data thieves trading personal information is very concerning and one we’re cracking down on.”

Join our mailing list

© 2018 - 2020 GDPR Community Ltd

  • Facebook
  • Twitter
  • Instagram