Capita, one of the UK’s largest contractors, has written to pension clients confirming that some data it was processing was likely to have been breached in a recent cyberattack.
Last month, Capita revealed a cyberattack in March had potentially affected around 4% of its servers with “some evidence of limited data exfiltration” affecting customer, supplier or co-worker data.
Regulators have since urged Capita customers, including hundreds of pension funds, large insurers and public sector departments, to check whether their member and consumer data had been compromised in the process. To hack.
In correspondence sent to administrators on Thursday, the content of which was seen by the Financial Times, Capita said a large team of employees searched the servers that were hit by the attack to understand what data might have been lost. .
The contractor said it “identified from these investigations” that some retreats the data that Capita processes on behalf of its customers “may have been exfiltrated”.
“To be clear, this does not necessarily mean that your data was identified as exfiltrated, it means that your data was on [Capita] servers from which some data may have been exfiltrated,” he said in the post.
Capita told administrators he expected the investigations to be finalized “by the end of next week or shortly thereafter.” He added that there was “no evidence” that Capita’s pension data was available on the dark web and that a third-party specialist checked it regularly. It had rebuilt its server infrastructure to reduce the risk of a similar incident happening again, according to the message.
Capita is a major private and public sector contractor and is one of the UK Government’s largest contractors. Its services include managing London’s congestion charge zone, collecting license fees from the BBC and overseeing the training of the Royal Navy.
In a statement to the FT, Capita said it was “working closely with specialist advisers and forensic experts” to investigate the cyber incident “to provide assurance regarding any potential exfiltration of customer data, suppliers or colleagues”.
“Capita continues to conduct its forensic investigations and notify any affected customers, suppliers or colleagues in a timely manner,” he added.
The correspondence came to light as some Capita pension customers said they were “struggling” to get information from the outsourcer about the incident more than five weeks after it was detected.
A legal expert who works for a Capita pension client told the FT: “Administrators and managers struggle to get data specific to their scheme situation. They are worried about whether their systems have been affected by the data breach.
The pensions regulator said it was “engaging directly” with Capita regarding its communication with pension scheme customers.
“We continue to follow the incident in Capita closely,” TPR said. “This is an ongoing situation with more details emerging daily. We are in contact with administrators, other regulators and Capita.
The regulator added “we are talking to Capita about what they are able to share with administrators”.
TPR and the Financial Conduct Authority have written to Capita customers, urging them to check whether they have been affected by the Capita cyberattack, and to report it to the Information Commissioner’s Office, if appropriate. Earlier this week, the FCA also said it had “continued to engage” with Capita to understand the extent of the breach.
Organizations are required to notify the ICO, which regulates data protection, of a personal data breach within 72 hours of becoming aware of an incident, and also to contact those affected.
The ICO confirmed to the FT that it had received reports of data breaches likely linked to a cyberattack at Capita. In its first confirmation of the outsourcer’s customer data breach reports, the regulator said: “We have received other breach reports believed to be related to the Capita incident.”
—————————————————-
Source link