Capita expects to incur costs of up to £20m following a cyberattack in March. The hack saw the company’s clients across the UK left without access to systems, and it is likely customer data was stolen in the breach.
Details of the incident remain scarce, but Capita said in a trading update to the London Stock Exchange this morning that it is expecting a bill after what it refers to as a “cyber incident.”
The global outsourcing company is one of the UK government’s largest suppliers and holds contracts valued at £6.5bn for IT and other services. Its clients include the BBC, for which it collects the licence fee, as well as many UK local authorities.
Capita cyberattack: outsourcer counts the cost
Today’s update says that Capita “has continued to work closely and at speed with specialist advisers and forensic experts to investigate and resolve the cyber incident”.
The company said that “the unauthorised intrusion was interrupted by Capita which resulted in the impact of the attack being significantly restricted. Capita understands now, based on its own forensic work and that of its third-party providers, that some data was exfiltrated from less than 0.1% of its server estate. Capita has taken extensive steps to recover and secure the customer, supplier and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident.”
Capita had initially said no customer data was accessed in the incident, but issued an update a week later saying that some information may have been stolen. As reported by Tech Monitor, the company wrote to its numerous pension fund clients to inform them that their data may have been at risk.
The statement adds that Capita is “working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident.”
It said: “Capita expects to incur exceptional costs of approximately £15m to £20m associated with the cyber incident, comprising specialist professional fees, recovery and remediation costs and investment to reinforce Capita’s cybersecurity environment. Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments.”
Services disrupted by Capita breach
No criminal gang has yet to claim responsibility for the breach. It does not seem to have negatively impacted Capita’s bottom line, with the company revealing in the trading update that its underlying financial performance remains in line with expectations.
The incident was certainly problematic for various government departments. The National Cyber Security Centre, the Cabinet Office and other agencies were alerted because of Capita’s role in sensitive areas of government work, including its position as a supplier of services to Royal Navy training centres. The company works on security at Ministry of Defence bases, and it was reported that staff working at impacted sites, including some relating to critical national infrastructure, had to use radios, pens and paper as a result of the breach.
Local government services were also affected, with local authorities using Capita services, including Barnet, Barking and Dagenham, Lambeth and South Oxfordshire, flagging up issues caused by the incident in the days following the hack.