Capita is telling pension customers that some data contained within its systems was potentially accessed when criminals broke into the outsourcing giant’s tech infrastructure earlier this year.
The business admitted to a “cyber incident” – that nebulous phrase which downplays the significance of an attack – in March, when miscreants spent nine days inside the company’s systems.
As part of the ongoing investigation, Capita said in April around 4 percent of its servers were accessed by the intruder and some customers, colleagues and suppliers’ data was lifted. Russian extortionist crew Black Basta claimed responsibility, saying it had floated some of the stolen data for sale, including Capita documents marked confidential, passport scans, bank account details and more.
Now it has emerged that the UK outsourcing giant, which has around £6.5 billion worth of contracts, has written to pension customers to confirm that data it processes for them may have been accessed, according to letters seen by the Financial Times.
“To be clear, this does not necessarily mean that your data has been identified as exfiltrated, it means that your data was on [Capita] servers from which some data is likely to have been exfiltrated,” the company said.
The probe Capita is going through, with help from forensic investigators, should be completed by the end of next week, the letter added. Capita also said it had not seen any pension data on the dark web and had a third-party specialist verifying this regularly. The server infrastructure was rebuilt to