A businesswoman from North Yorkshire has been sentenced for deleting thousands of important files from a company that went on to collapse.
Danielle Bulley, of Tockwith, is one of only a few dozen people per year to be successfully prosecuted in the UK under the Computer Misuse Act.
The 58-year-old was previously a director of a property marketing business which went into liquidation.
A new company was launched using the assets of the old one. Several months after resigning she gained access to the new company’s servers and permanently deleted all their data – more than 5,000 documents in total.
The victim who ran the new firm said Bulley’s actions caused job losses and the loss of almost £100,000.
He said that the damage to business was so great, the company could no longer function and had to fold.
Digital forensic investigations showed that the company data had been remotely accessed by someone using Bulley’s internet address.
She was questioned and admitted deleting the files, which she thought she was entitled to do but knew it would disrupt the new company.
She was charged with computer misuse offences and was given an 18-month community order and unpaid work requirement when she appeared for sentence at York Crown Court today.
After sentencing, Detective Constable Steven Harris of the Cyber Crime Unit said:
Bulley’s actions had dire consequences for people’s livelihood.
During our investigation, it became clear that Bulley had left the original company on a bad note, but the deletion of thousands of files containing vital information was catastrophic for the victim. It dealt the new business a blow from which it never recovered.”
“his is an unusual case and a rare criminal charge – very few people are ever convicted using this law. But we uncovered clear wrongdoing and criminality, and I’m pleased the CPS and courts have worked with us to ensure justice can be served.
Ex-employees can pose a serious risk to a business because they are familiar with the company’s IT infrastructure and procedures. This can make it easier for them to carry out cyber crimes against their former organisation.
We encourage businesses to ensure they have policies in place for removing user accounts and changing passwords when an employee leaves an organisation.