UK GDPROther

Christopher Munro and William Chipoma

Data Breach

Authority

ICO

Country

United Kingdom

Date Issued

February 10, 2026

Industry

Other

Summary

Two individuals were convicted following an ICO investigation into the unlawful access and sale of personal information from over 400 UK garages, claims management companies, and insurance firms. The case involved the criminal acquisition and commercial exploitation of personal data without authorization.

Violation Types

Data BreachUnauthorized Data CollectionData Subject Rights

Articles Violated

View original enforcement decision

Related Enforcement Actions

Reddit, Inc.

ICO · UK GDPR · February 22, 2026

€17M

Capita plc and Capita Pension Solutions Ltd

ICO · UK GDPR · October 14, 2025

€16M

TikTok Inc.

ICO · UK GDPR · May 14, 2023

€15M

Advanced Computer Software Group Limited

ICO · UK GDPR · March 25, 2025

€4M

LastPass UK Ltd

ICO · UK GDPR · November 19, 2025

€1M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate UK GDPR compliance before regulators come knocking.

Talk to an Expert