Subscribe to receive free updates on Capita PLC.
You’ll receive a daily email digest, myFT Daily Digest, with the latest Capita PLC news every morning.
Members of Capita’s pension fund have been notified that their data was stolen during a cyber attack in March. This attack affected multiple private sector retirement schemes that use Capita’s administration services.
“We are contacting those who have been identified as affected by the incident, and Capita employees are also being contacted as part of this process,” the company stated without providing specific details.
The Times first reported the notification sent to Capita’s pension fund members, which came three months after the hack. Capita revealed that investigations are still ongoing.
This announcement follows the PwC pension fund trustee warning members of its defined benefit scheme in late June that the Capita hack had exposed their dates of birth and retirement details. In May, members were informed that names, data including national insurance numbers and member ID numbers could have been compromised.
In its recent letter to members, the PwC pension trustee mentioned that “Capita could not confirm to us that this information was final, complete, and accurate.”
Data from over half a million UK private sector pension scheme members may have been stolen in the Capita cyber attack. The UK’s largest private sector pension plan, USS, warned in May that personal data of around 470,000 members may have been compromised.
Pension schemes of Pearson, Marks and Spencer, Diageo, Unilever, and BAE have indicated that their members’ personal data is likely to have been affected.
While some affected members have been offered access to a monitoring service, many consider this to be inadequate. One USS member referred to it as a “non-solution that places the responsibility on victims to monitor potential identity theft.”
Several affected individuals have expressed distress. “I feel like I want to completely change my identity,” said a PwC pension fund member. “So much of me is now in the hands of someone who can choose to exploit it as they please.”
Capita stated that it has engaged third-party consultants to monitor the dark web since the cyber incident and has found no evidence of any data being sold.
Many pension scheme members are considering legal action, with law firm Barings Law initiating proceedings through a pre-action letter to Capita in response to the recent data breaches.
As an outsourcer, Capita handles data for numerous private and public sector clients, including the BBC and the Royal Navy. The cyber attack also impacted NHS England, with accessed files containing names and NHS numbers of deceased and deregistered patients.
Capita has faced criticism for its handling of a separate incident involving its work with local councils. In late April, some of its data was stored in an unsecured Amazon data bucket.
Despite these incidents, Capita has managed to secure new contracts. In June, the City of London Police announced that Capita had been chosen to operate a contact center for reporting fraud and cybercrime.
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
