Taunton-based Luke Coleman has been convicted and fined for unlawfully obtaining and disclosing personal data in breach of the Data Protection Act, following a prosecution by the FCA.

The data was used by Raymondip Bedi and Patrick Mavanga who were sentenced to a combined 12 years in prison for their role in a crypto scam which defrauded 65 investors out of over £1.5m.

The prosecution is the first pursued by the FCA under the Data Protection Act.

Mr Coleman pleaded guilty to selling confidential customer data while employed by Virgin Media O2.

He sold the data, which was later used in a crypto investment scam, to family friend Nicholas Harper. Mr Harper had earlier pleaded guilty to assisting an offence to be committed in breach of the Data Protection Act but was acquitted of conspiracy to defraud by a jury.

Mr Coleman was fined £384, ordered to pay a £38 surcharge and contribute £500 to the prosecution costs. A fine is the maximum penalty for this kind of data offence.

Mr Bedi and Mr Mavanga cold-called victims and sold fake investments in crypto between February 2017 and June 2019. They operated companies including CCX Capital and Astaria Group LLP. They were sentenced in July following a FCA prosecution.

Mr Coleman was suspended by his employer, pending the outcome of the criminal investigation.

Steve Smart, executive director of enforcement and market oversight at the FCA, said: “Coleman abused his position of trust and enabled others to commit crimes which led to huge financial and emotional consequences for victims. This is our first prosecution under the Data Protection Act. Going forward, those who enable crime should be clear that we will use all of our powers to hold them to account.”