For several months, RMI Bodyshops (both NAB and VBRA) has been under-taking an investigation into a potentially serious release of personal data to from member’s repairer management system. It is believed that the data has been sold to third party legal firms and ‘accident management’ companies.
The organisation says that a number of members has shown that personal data from customers, including phone numbers and addresses, appears to have been accessed by third parties not involved in the repair of the vehicle.
Jason Moseley, Executive Director at RMI Bodyshops commented: “We have direct evidence that data entered into bodyshop systems has found its way, in a matter of hours, into the hands of third party organisations”.
“As part of an internal investigation, one of the bodyshops involved entered fictitious data into the system to attempt to draw out a reaction. Within a few hours of this data entry, a call was received from an accident management company trying to leverage a compensation claim”.
“RMI Bodyshops and its members informed the necessary authorities and have been working together with them behind the scenes” Moseley added that it wasn’t yet known if the breeches were legitimate disclosures, the result of a cyber-attack or a physical breach of such systems, hence the investigation. “We will be pushing hard with our members to bring more transparency and collaborating with the necessary authorities. We must get to the truth” he said.
“Addressing this particular issue forms part of our overall strategy to ensure that bodyshops, and consumers, are treated fairly” concluded Moseley.