Warning to insurance workers over approaches for customer data

12 April 2016

The City of London Police is issuing an alert to insurance industry staff to warn them about approaches by unscrupulous fraudsters looking to get access to customer data.  


Officers are also reminding insurance staff about the serious consequences of passing on or selling customer data to third parties, which could lead to a criminal conviction and possible jail term.


Officers from the Insurance Fraud Enforcement Department (IFED) received recent reports that criminals are targeting insurance staff in pubs, cafés or through social media in their bid to gain access to sensitive customer data and information. Instances have also been reported where staff have been watched leaving their organisation and approached whilst walking to their car or public transport.


The alert, which is being issued today (12 April) by the National Fraud Intelligence Bureau, also comes after IFED detectives investigating claims management companies suspected of illegally obtaining customer data found evidence of this practice by more than one suspected criminal group.


Once the customer information is acquired, it is used to make nuisance calls to customers who are harassed and bullied by claims management companies. These companies then make bogus or exaggerated insurance claims ‘on behalf’ of the customer, who would never have submitted the claim otherwise.


Sensitive customer data can also be used by fraudsters to go on and commit other identity fraud offences.


In the past three weeks, IFED officers investigating four separate cases where claims management companies are suspected of bribing insurance workers in exchange for customer data have arrested or questioned five people, including two former employees of insurance companies.


To help minimise the chance of being targeted by criminals in this way, IFED is urging insurance staff to take the following steps:

  • Be careful talking about work in public places, such as pubs, cafés or on public transport
  • Try not to identify yourself as working in the insurance industry on social networking sites
  • Remove any identifying objects, such as lanyards, badges, company clothing etc. when leaving your office building
  • Make sure you’re aware of your employer’s policies around data handling


Anyone who gets approached in this way, or suspects company data is being passed on to criminals should report it either to their line manager, through their company’s whistle-blowing procedure or direct to police on 101. Alternatively, suspicious activity can also be reported via the Insurance Fraud Bureau’s confidential Cheatline on 0800 422 0421.


Detective Chief Inspector Oliver Little, the Head of the Insurance Fraud Enforcement Department said:


“We’re issuing this alert to make sure that those working in the insurance industry are fully aware of the lengths that criminals are prepared to go in order to get access to customer data.


“Insurance staff need to be mindful of this and think about how they can protect themselves from being targeted or what they should do if they are approached. Staff should also know that if they’re tempted to get involved in this activity, then they could be facing extremely serious criminal charges and the prospect of time in prison if convicted.


“Fraudsters target all kinds of companies and organisations to try and get hold of customer and personal data, so this problem is neither confined to the insurance industry nor to any particular insurer. However, we’re working closely with the insurance industry to share intelligence and information so that staff and companies can do as much as possible to prevent it happening.”


Mark Allen, ABI’s (Association of British Insurers) Manager, Fraud and Financial Crime, said:


 “This highlights the importance of insurers continuing to take the security of customers’ personal data very seriously, through following guidance from the industry regulator, the FCA and Data Protection Act requirements, and having systems and controls in place to minimise the risk of data theft. Staff must be aware that they risk a criminal record and losing their jobs if involved in fraud or data theft.


“It’s equally important that action is taken to remove the financial incentives to bring frivolous claims. We welcome the Government’s recent announcement of tougher regulation of claims management companies, which should reduce the scope for rogue firms to target insurance company staff.”


View All News