Outsourcing giant Capita has written to pension funds warning that their data may have been compromised during a cyberattack. The Financial Conduct Authority (FCA) has also contacted some of Capita’s clients urging them to investigate the security of their data as fall-out from the incident in March continues.
Capita has written to its pension clients confirming their data is stored on servers that have been accessed by the cybercriminals who perpetrated what it describes as a “cyber incident”. No group has claimed responsibility for the breach, which left Capita staff unable to access Office 365 and other internal systems.
The company is among the UK government’s largest suppliers, holding public sector contracts worth £6.5bn across outsourced IT services and other areas. It has 50,000 employees and operates across Europe, India and South Africa, as well as the UK.
Clients across the UK, particularly those in the public sector, were hampered by the attack and left unable to access services provided by Capita for several days.
Capita cyberattack: warning over pension data
Having initially said no data was accessed in the cyberattack, Capita confirmed last month that it has found “some evidence of limited data exfiltration” on around 4% of its servers.
The message, seen by the FT and sent to Capita’s pension clients, explains that some of their data “is likely to have been exfiltrated.” Capita provides services to hundreds of UK pension funds.
It says: “To be clear, this does not necessarily mean that your data has been identified as exfiltrated, it means that your data was on [Capita] servers from which some data is likely to have been exfiltrated.” An investigation is ongoing.
Capita said it is “working closely with specialist advisers and forensic experts to provide assurance around any potential customer, supplier or colleague data exfiltration”. The value of the company’s shares has fallen by 16% since the hack occurred. “Capita has already confirmed that it continues to comply with all relevant regulatory obligations, establishing and maintaining an ongoing dialogue with relevant regulatory bodies is therefore not at all unusual,” a Capita spokesperson added.
The Financial Conduct Authority wades in
Earlier this week the FCA has urged Capita clients, including public sector agencies, insurers and pension funds, to check if their member and consumer data has been compromised in the hack.
The financial regulator said it has “written to regulated firms that are clients of Capita to ensure they are fully engaged in understanding the extent of any data compromise.”
“We have continued to engage with Capita since their cyber incident was reported to understand the extend of any data compromise and impact on the firms they provide outsource services to, including their underlying customers,” the FCA said.