Skip to main content
Hafan

Eight men guilty following largest ever nuisance call investigation

  • Date 26 June 2025
  • Type News

We welcome a guilty verdict in a trial related to the unlawful accessing and obtaining of people’s personal information from vehicle repair garages to generate potential leads for personal injury claims.

The verdict follows a 10 week trial and an extensive investigation by the ICO. During which, we seized the widest body of evidence we have ever seen, demonstrating the misuse of people’s personal details to make nuisance calls to try and persuade people to make personal injury claims.

A jury at Bolton Crown Court this week found Craig Cornick, 40, of Prestbury, guilty of conspiracy to unlawfully obtain personal data contrary to the Data Protection Act.

Earlier in the month, the jury returned a not guilty verdict for Cornick and Thomas Daly, 35, of Macclesfield, for a charge of conspiracy to access computer systems without authority contrary to the Computer Misuse Act.

Daly had previously pleaded guilty to two counts of conspiracy to unlawfully obtain personal data.

Cornick and Daly join six other men who had all previously pleaded guilty to the offences listed below:

  1. Vincent McCartan, 30, of Failsworth - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  2. Ian Flanagan, 40, of Macclesfield - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  3. Mark Preece, 44, of Manchester - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  4. Kiernan Thorlby, 35, of Macclesfield - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act and conspiracy to secure unauthorised access to data held on computer systems contrary to the Computer Misuse Act.
  5. Fahad Moktadir, 32, of Stockport - pleaded guilty to conspiracy to unlawfully obtain personal data contrary to the Data Protection Act.
  6. Adam Crompton, 35, of Northwich - pleaded guilty to two counts of conspiracy to unlawfully obtain personal data contrary to the Data Protection Act.

All the defendants are due to return to court on 11 July, where it is proposed Proceeds of Crime Act and cost issues will be discussed, with sentencing following at a later date.

ICO Head of Investigations, Andy Curry, said:

“Most of us have had nuisance calls asking if we’ve been in a crash. At best they’re annoying but at worst they cause real upset and fear, especially to vulnerable people, and have a real impact on the businesses affected.

This case uncovered a vast, murky criminal network where crash details were stolen from garages across England, Scotland and Wales and traded to fuel distressing predatory calls. This has been an enormous and complex case which has seen ICO staff use both technical expertise and investigative skills to work tirelessly to track down those responsible and hold them accountable on behalf of the public.”

Our investigation 

We initially started this investigation in 2016 when the owner of a car repair garage in County Durham contacted the regulator, saying he was worried his customers blamed him for the nuisance calls they were receiving about personal injury claims.

From this first initial complaint, the investigation snowballed into one of the largest nuisance call cases we have ever dealt with, resulting in a wealth of evidence that demonstrated misuses of personal data for the purpose of making calls relating to personal injury claims.

After identifying the people involved, our investigations team conducted nine warrants in the Manchester and Macclesfield areas. The devices seized under search warrant contained 241,000 emails, 4.5 million documents,144,000 spreadsheets,1.5 million images and 83,000 multimedia files.

The defendants were found to have conspired together between 2014 and 2017, where they accessed or obtained personal data of people from vehicle repair garages without their consent. Approximately one million records were accessed by the defendants convicted of an offence under the Computer Misuse Act.

This data was then sold onto claims management firms hoping to generate potential leads for personal injury claims. We have an ongoing second phase of our investigation and anticipate further prosecutions of people embedded into insurance companies and claims management companies with the sole aim of stealing personal data.