Outsourcing company and government contractor Capita has revealed that it will take a hit of up to £20m from a recent cyber attack in which hackers accessed some customer, supplier and staff data.
The group, which is a major contractor for local authorities, said investigations into the incident suggested some data was accessed, but that it involved less than 0.1% of its server ownership.
It said it had taken “extensive measures” to recover and protect the data contained on the affected server and to “remediate any issues arising from the incident.”
It expects the bill for the cyberattack to be between £15m and £20m, covering specialist professional fees, recovery and remediation costs, as well as investment to bolster its cybersecurity defenses and strengthen its IT security.
Capita said it was “working closely with all applicable regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any necessary steps to address the incident.”
It added: “Capita has also taken additional steps to ensure the integrity, security and protection of its IT infrastructure to support its ongoing customer service commitments.”
The outsourcer admitted last month that hackers had accessed its systems for nearly 10 days before the breach was discovered. Hundreds of pension funds that use Capita as their administrator have reportedly been asked by the pension regulator to assess whether their clients’ data may be at risk.
Information containing Capita’s data is believed to have been circulating on the dark web after the breach in March, with reports suggesting this included home addresses and passport images.
Capita’s systems are used to administer pensions for some 450 organisations, including Royal Mail and Axa, covering millions of policyholders.
after newsletter promotion
The company declined to confirm what data was potentially accessed in the attack or how many employees, vendors and customers were affected.
The attack marks the latest in a recent series of cyber incidents, with high street retailer WH Smith suffering its second attack in less than a year in March and Royal Mail’s international postal service suffering a prolonged outage after hackers They will attack the group.