Data protection tightened at Town Hall after pensioners’ details stolen and used by fraudsters
Council employee able to view records he had no legitimate reason to access
06 December, 2017 — By William McLennan
CAMDEN Council have overhauled their management of sensitive data after an employee was found to have compiled a list of vulnerable pensioners that was used by fraudsters to identify easy targets.
Charlie Heath, 23, was last week convicted of fraud after abusing his position at the council’s King’s Cross HQ to access social services records and make a list of 277 elderly residents. The list was used by conmen to steal thousands of pounds from pensioner’s using “courier fraud”.
The court heard that Mr Heath, who has been fired by the council, had no reason to view adult social services files, but was able to search through thousands of pensioner’s details undetected for more than two months while he hand-picked fraud targets. Everyone on the list was aged 78 or 79.
The serious data breach was first revealed by the New Journal in August last year.
As part of the overhaul, Town Hall staff now have restricted access to data, meaning they can only open files related to their work. Their activities are also monitored regularly to help identify suspicious behaviour at the earliest opportunity, the council said.
Councillor Richard Olszewski, Town Hall finance chief, said: “It is our legal duty to keep residents’ data secure and to protect them from exploitation. Invasive cases such as this are thankfully extremely rare – but nonetheless it is one we have treated with the utmost seriousness. We have taken the strongest possible action by dismissing the employee involved and put in place a range of measures to reduce the risk of this recurring.
“We worked alongside the police from the outset. We suspended the employee on the day of his arrest and terminated his employment in 2016.
“In order to further enhance controls, we also conducted a comprehensive review of access to this sensitive data, further restricting access permissions where appropriate and monitoring usage and activity to ensure that we identify unusual patterns at an early stage.”
Last week the Met police said that “courier fraud”, where conmen phone victims and claim to be investigating fraud before sending a courier to pick up their victim’s bank cards and ID, was a growing problem and had led to the theft of £750,000 across London in the past 15 weeks alone.
Mr Heath, who will be sentenced later this month, told Blackfriars Crown Court that he made the list on the orders of a criminal gang who had made threats towards his family.
He said that he decided to make the list and printed it off on May 23 last year, but had a crisis of conscience and threw it the bin.
He said: “As soon as it left the printer I thought about the repercussions and I put it in the confidential waste bin. I was scared of the repercussions of what these people could do to these elderly people. I would rather get a kicking than someone else get hurt because of myself.”
Nine days later police found the list alongside the passport, bank cards and statements of a pensioner who had been conned earlier that day by a man posing as a policemen investigating fraud.
Officers forensically examined the list and found the fingerprints of 20-year-old Shaheedul Abedin, of Tower Hamlets, and 20-year-old Kawsar Ahmed, of Lewisham.
They stood trial alongside Mr Heath and were both found guilty of being in possession of an article for use in fraud.
Sayim Ahmed, 22, from King’s Cross, was found not guilty.