Information regulators say they have broken up a vast conspiracy running one of the biggest nuisance call operations ever seen in the UK.

In total, eight men have been found guilty of unlawfully accessing and obtaining people’s details from vehicle repair garages to generate leads for personal injury claims. The criminal activities are likely to have generated thousands of claim leads for personal injury firms.

The Information Commissioner’s Office conducted nine warrants in the Macclesfield and Manchester areas, seizing devices which contained 241,000 emails, 4.5m documents, 144,000 spreadsheets, 1.5m images and 83,000 multimedia files. The investigator said it was the widest body of evidence it had ever put together.

The extent of this network can now be revealed after the conclusion of a 10-week trial at Bolton Crown Court. A jury found Craig Cornick, 40, guilty of conspiracy to unlawfully obtain personal data contrary to the Data Protection Act. Cornick is a director of IQuote Limited, which specialises in legal asset investing, and is a well-known figure in the north-west legal sector. Among his other current and previous business interests, he was a director of the now-defunct High Street Solicitors for almost six years.

Cornick was found not guilty of a charge of conspiracy to access computer systems without authority. Thomas Daly, 35, was cleared of the same charge.

Daly had previously pleaded guilty to two counts of conspiracy to unlawfully obtain personal data.

ICO head of investigations Andy Curry said: ‘Most of us have had nuisance calls asking if we’ve been in a crash. At best they’re annoying, but at worst they cause real upset and fear, especially to vulnerable people, and have a real impact on the businesses affected.

‘This case uncovered a vast, murky criminal network where crash details were stolen from garages across England, Scotland and Wales and traded to fuel distressing predatory calls.’

Cornick has said he intends to appeal the one guilty verdict against him. His lawyers said no evidence was produced throughout the prosecution case that showed he or his company received or processed stolen data.

In a statement, he said: ‘I am relieved to have been cleared of some serious and damaging accusations. The claims of computer hacking were shown to be completely unfounded, with no evidence of criminal intent or harm.

'The prosecution centred on just 32 lines of data which was used as evidence. Forensic examination of that data showed none of it could be traced back to me. Furthermore, the co-defendants were never employed by my company and represented a small group of the many case suppliers.

‘While I acknowledge the challenging and important role the Information Commissioner’s Office plays in protecting citizens’ personal data, I reject any notion of wrongdoing.’

Information Commissioners Office

The ICO said the defendants were found to have conspired together between 2014 and 2017

Source: Alamy

The investigation began in 2016 when the owner of a car repair garage in County Durham reported to the ICO that he was worried his customers blamed him for the nuisance calls they were receiving about personal injury claims.

The regulator said that from this first complaint, the investigation snowballed into one of the largest ever nuisance calls cases it has dealt with, resulting in the misuse of personal data for trying to generate personal injury claims.

Craig Cornick

Cornick intends to appeal the one guilty verdict against him

The ICO said the defendants were found to have conspired together between 2014 and 2017: approximately one million records were accessed by the defendants convicted of an offence under the Computer Misuse Act. This data was then sold to claims management firms hoping to generate potential leads for personal injury claims.

There remains an ongoing second phase of the investigation looking into the role of people within insurance firms and claims management companies.

In addition to Cornick and Daly, six other men all previously pleaded guilty:

  • Vincent McCartan, 30, of Failsworth - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  • Ian Flanagan, 40, of Macclesfield - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  • Mark Preece, 44, of Manchester - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  • Kiernan Thorlby, 35, of Macclesfield - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  • Fahad Moktadir, 32, of Stockport - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act.
  • Adam Crompton, 35, of Northwich - pleaded guilty to two counts of conspiracy to unlawfully obtain personal data contrary to the Data Protection Act.

All the defendants are due to return to court on 11 July, where it is proposed that Proceeds of Crime Act and cost issues will be discussed, with sentencing following at a later date.