Capita, one of the UK’s largest outsourcers, has sent a letter to pension customers confirming that some of the data it processes has likely been hacked in a recent cyberattack.
Last month, Capita said that March’s cyberattacks may have impacted about 4% of its servers, with “limited evidence of a data exfiltration” affecting customer, supplier or colleague data.
Since then, regulators have asked Capita’s customers, including hundreds of pension funds, large insurers and the public sector, to verify whether member or consumer data was compromised in the hack.
In a letter sent to the trustee on Thursday, reviewed by the Financial Times, Capita said a large team of staff searched servers affected by the attack to determine what data may have been lost.
The outsourcer said it “identified from these investigations” that some of the pension data that Capita processes on behalf of its clients was “highly likely stolen.”
“For clarity, this does not necessarily mean that your data has been identified as exfiltrated, it just means that your data was on a [Capita] server from which some data was likely stolen,” the message said.
Capita told its trustees it expects the investigation to be completed “by the end of next week, or shortly thereafter.” It added that there was “no evidence” that the house was being checked regularly.
Capita is a large private and public sector outsourcer and one of the UK government’s largest contractors. Its services include operating congestion charging zones in London, collecting BBC license fees and supervising training for the Royal Navy.
In a statement to the FT, Capita said it “worked closely with professional advisors and forensic experts” in cyber incident investigations “to provide assurances about potential customer, supplier, or colleague data breaches.”
“Capita will continue to engage in forensic investigations and will notify affected customers, suppliers or colleagues in a timely manner,” it added.
The communications came to light as some of Capita’s pension customers reported “struggling” to get information from their outsourcers more than five weeks after the incident was detected.
A legal expert who works for clients of Capita pensions told the FT: “They are interested in seeing if their scheme has been affected by a data breach.”
The Pensions Regulator said it was in “direct communication” with Capita regarding communications with pension plan customers.
“The TPR continues to closely monitor the incident at Capita. This is an ongoing situation and more details are being revealed daily.”
The regulator added, “We are talking with Capita about what we can share with trustees.”
The TPR and the Financial Conduct Authority have written to Capita’s customers urging them to check whether they have been affected by Capita’s cyberattack and, if so, to report it to the Information Commissioner’s Office. Earlier this week, the FCA also said it “continues to engage” with Capita to understand the scope of the breach.
Organizations must notify the ICO, which regulates data protection, within 72 hours of becoming aware of the occurrence of a personal data breach and contact affected individuals.
The ICO has confirmed to the FT that it has received a report of a data breach likely related to a cyberattack on Capita. In its first confirmation of a data breach report from an outsourcer client, the regulator said: