Outsourcing group Capita, which runs crucial services for the NHS and military, has for the first time admitted that hackers accessed potential customer, staff and supplier data during a cyber-attack last month.
The company saidits investigation into the attack – which caused major IT outages for clients including local councils – found that hackers infiltrated its systems around 22 March, meaning they had around nine days before Capita “interrupted” the breach on 31 March.
While the eventual intervention meant the cyber-attack was “significantly restricted”, affecting only 4% of its IT systems, Capita admitted that data was breached during the incident.
It raises the possibility that public sector information was accessed by hackers. Capita, which employs more than 50,000 people in Britain, is one of the government’s most important suppliers and holds £6.5bn-worth of public sector contracts.
“There is currently some evidence of limited data exfiltration from the small proportion of affected server estate which might include customer, supplier or colleague data,” the company said in an update on Thursday.
Capita stopped short of disclosing how many customers were potentially affected by the breach, and is still notifying anyone whose data might be at risk.
“The majority of Capita’s client services were not impacted by the incident and remained in operation, and Capita has now restored virtually all client services that were impacted,” the company said, adding that it “continues to work through its forensic investigations and will inform any customers, suppliers or colleagues that are impacted in a timely manner.”
The cyber-attack at the end of March caused major outages for clients, including agencies involved in critical
Read more on theguardian.com