Capita Admits Data Theft in Recent Cyberattack by Hackers

Публикувано от Ари Дениал на Април 21, 2023

UK outsourcing company Capita has disclosed that customer data may have been stolen during a cyberattack in March.

The firm, which provides services to the NHS and the UK government, confirmed that its investigation had found indications of „limited data exfiltration“, possibly affecting customers, suppliers or staff. No further information was released on the nature of the data taken or how many people may have been impacted.

Capita has not provided details about the types of data stolen or the number of customers affected. However, reports suggest that the Black Basta ransomware group, which claimed responsibility for the attack, published personal data such as bank account details and passport photos, as well as data belonging to teachers applying for jobs at schools.

The Black Basta ransomware group, believed to have targeted UK outsourcing firm Capita in a cyber attack last month, is also said to have targeted US satellite television provider Dish. Capita initially reported an „IT issue“ before later admitting a „cyber incident“ had caused disruption.

Although the company said it had no evidence of data theft, limited data exfiltration was later confirmed. The attack also affected some services provided to clients including Barnet Council and O2. As yet, Capita is not featured on Black Basta’s dark web leak site.

UK government services faced minimal disruption during a cyber attack that affected outsourcing company Capita last month, according to Conor Walsh, a spokesperson for the Cabinet Office. The company holds public sector contracts worth £6.5bn ($8bn). Capita, which has said that it has now restored most of the affected client services, revealed that the hackers first infiltrated its internal systems on 22 March. The breach was interrupted on 31 March. The company has also reinstated staff access to Microsoft 365.

Capita has also revealed that around 4% of its server estate may have been affected by a cyber attack that occurred in March. The company added that it is continuing forensic investigations and will notify affected customers, suppliers or staff in a timely manner. The Information Commissioner’s Office confirmed that it is assessing information provided by Capita.