Cashier used Barclays systems to profile sex attack victim

After £800 fine, Information Commissioner calls for prison sentences.

A 27 year-old bank cashier was fined £800 (A$1,226) yesterday for using her position at Barclays Bank to profile a customer who was the victim of a sex attack by the cashier’s husband.

The offences of Sarah Langridge, no longer an employee of the bank, were discovered during a hearing for her husband’s sentencing when the victim recognised Langridge as a cashier at the bank office she used. The victim, according to the ICO, was concerned that her accounts had been accessed by the attacker’s wife and filed a complaint with police.

Landgridge's husband, Simon, was sentenced to 18 months for the late night attack, outside the victim's home two years ago, according to the Daily Mail.

The bank's investigation found Langridge had accessed the victim’s accounts eight times during the eight month duration of her husband’s trial. Langridge viewed the victim’s personal details, current account entries, lending records and her employer details, however during questioning claimed she had not shared the information with her husband or anyone else.

For her incursions on the victim's privacy, Langrdige was also ordered to pay an additional  £400 and £15 victim’s surcharge. 

The UK’s Information Commission’s Office planned to use the case at a Tuesday Justice Committee hearing to argue for prison terms be available to the courts in serious privacy breaches.

Currently, a Magistrates Court can only issue fines up to £5,000 while the Crown Court can issue unlimited fines under Section 55 of the UK’s Data Protection Act.

“It beggars belief that – in an age where our personal information is being stored and accessed by more organisations than ever – the penalties for seriously abusing the system still do not include the possibility of a prison sentence, even in the most serious cases,” said Information Commissioner Christopher Graham.

“I note the outcome of this latest case, and I remain concerned that the courts are not able to impose the punishment to fit the crime in all cases, because the current penalty for this all too common offence is limited to a fine rather than the full range of possible sentences, including prison for the most serious cases,” Graham said.

“Blagging”, where a person gains unauthorised access to information from a system without necessarily hacking it, has become a serious problem in the UK, according to Graham, pointing to a dozen recent cases from the telecommunications sector, the nation’s postal system, the police and the health sector.

The commissioner said legislators failed to act on tougher legislation that Parliament put in place in 2008 over “unfounded” concerns for the freedom of the press -- a challenge shared by Australian legislators seeking tougher privacy legislation, which came to a head again following News Corporation’s News of the World phone hacking scandal.

“Unfounded concerns about press freedom were a distraction in 2008 and they should never have halted the introduction of stronger sanctions. They should not delay any further the commencement of the powers needed to combat this modern scourge,” said Graham.  

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags privacy legislationBarclays Banksecurity breachesprivacy breacheshacking scandal

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

More videos

Blog Posts