The outsourcing firm and government contractor Capita has revealed it will take a hit of up to £20m from a recent cyber-attack in which some customer, supplier and staff data was accessed by hackers.
The group, which is a major contractor for local authorities, said investigations into the incident suggested that some data was accessed but that this was from less than 0.1% of its server estate.
It said it had taken “extensive steps” to recover and secure the data contained within the affected server estate, and to “remediate any issues arising from the incident”.
It expects the bill for the cyber-attack to reach between £15m and £20m, covering specialist professional fees, recovery and remediation costs, as well as investment to reinforce its cybersecurity defences and strengthen its IT security.
Capita said it was “working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident”.
It added: “Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments.”
The outsourcer admitted last month that hackers had accessed its systems for almost 10 days before the breach was discovered. The pensions regulator has reportedly asked hundreds of pension funds that use Capita as an administrator to assess whether their client data may be at risk.
It is thought that information containing Capita data was circulating on the dark web after the breach in March – with reports suggesting this included home addresses and passport images.
Capita’s systems are used to administer pensions for about 450 organisations, including Royal Mail and Axa, covering millions of policyholders.
The company declined to confirm what data was potentially accessed in the attack or how many staff, suppliers and customers were affected.
The attack marks the latest in a recent spate of cyber incidents, with the high street retailer WH Smith suffering its second hack in less than a year in March and Royal Mail’s international postal service suffering lengthy disruption after hackers targeted the group.
Source link