More UK councils caught by Capita’s open AWS bucket blunder

The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March’s mega breach.

Colchester City Council was the first to step forward last week to claim that tech provider Capita had messed up in its auditing services contract for multiple authorities. Capita, it said, had left local residents’ benefits data exposed to the public internet and said the council was trying to detect the “extent of the data spill.”

The data for Colchester pertained to financial years 2019/20 and 2020/221, and the city council said it was “considering what further action may be appropriate regarding Capita.”

Others have subsequently confirmed their data was left out in the open, including Coventry City Council, Adur and Worthing, Rochford District Council, Derby City Council, and South Staffordshire.

Alison Parkin, director of financial services at Derby CC, said Capita supported its council tax and benefits service, and data left exposed was collected in early 2021. “We’re very disappointed to hear about the incident,” she said.

“We know this incident will cause concern, and we would like to apologize to our customers, We will be contacting affected customers individually,” Parkin continued, adding: “As part of our investigation, we will also be taking the opportunity to review the arrangements with Capita.”

A spokesperson for Coventry CC told us it had been “belatedly informed that

Read more

Explore the site

More from the blog

Latest News