Breach Will Cost Capita At Least £20m

Capita, the outsourcing group that is a major supplier to the UK government and runs crucial operations for the NHS and the British military, disclosed last month that it had fallen victim to a cyber attack. The breach first came to light in March, when the outsourcing firm revealed that hackers had had access to its systems for almost 10 days before the intrusion was discovered.

Capita is one of the UK government’s largest suppliers and holds contracts valued at £6.5bn for IT and other services. Its clients include the BBC, for which it collects the licence fee, as well as many local authorities.

Capita now says that it expects to incur exceptional costs of about £20m, comprising specialist professional fees, recovery and remediation costs and investment to strengthen Capita’s cyber security defences. 

However, the cost of the hack to Capita could increase significantly if the British information regulator, the ICO, decides to impose a fine on the hapless company, and there could be further claims against Capita from its corporate customers.

According to Stuart Poole-Robb, CEO of corporate security advisors KCSG: “It’s alleged that Capita paid a ransomware fee to a Russian hacking group, the ‘Black Basta Gang’. The group emerged in 2022 and has been involved in a record-breaking 459 cyber attacks up to March 2023. Organisations, like Capita, are required to implement robust security measures, encrypt sensitive data, use multi-factor authentication and carry out regular security audits.”

Capita’s systems are used to administer pensions for about 450 organisations, including Royal Mail and Axa, covering millions of policyholders.  

Around half a million members of the major UK university lecturers’ pension fund may have had their personal details stolen during the attack, creating a major potential third-party liability. Britain's Financial Conduct Authority and the Pensions Regulator have both been in touch with Capita’s corporate clients, asking them to assess the impact on their end customers.

The Pensions Regulator has reportedly asked hundreds of pension funds that use Capita as an administrator to assess whether their client data may be at risk in the event that their customers, suppliers and staff data was accessed by hackers.

In comment, Paul Holland, CEO at Beyond Encryption, said: “Pension schemes are already at a heightened risk of cyber-attacks, thanks largely to the significant amounts of sensitive data they hold. The Capita incident is just one of many in the long line of attacks and breaches we have witnessed this year and highlights that change is needed - and soon. Trustees must remember that they are ultimately accountable for the security of pension scheme assets, regardless of whether they have outsourced to a third party.... Capita will be feeling the ramifications of this attack for quite some time – both in terms of financial repercussions and the loss of customer trust.”

Capita said its investigation into the attack found that the stolen data came from less than 0.1% of its server estate. It has also taken “extensive steps” to recover and secure the data contained within the affected server estate, and to “remediate any issues arising from the incident”. The firm is “working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident”. It added: “Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments.”
 
Holland added: “Organisations must remember that mitigating digital risk is far less financially damaging than waiting for an incident to occur and cleaning up the mess left behind. Looking forward to how data can be better protected in the future, it is past time that sufficient processes and controls were put in place to analyse supply chain risk and determine the security of third-party suppliers.”

It is now believed that Capita data was circulating on the Dark Web after the breach in March, with reports suggesting this included home addresses and passport images.

Last week Capita said that its current trading remains in line with expectations, amid ‘strong’ sales over the first four months of its financial year, with revenues up 16 per cent year-on-year to £449 million.
