Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Capita Cyberattack Hits UK Pension Funds

The recent ransomware attack on Capita may impact millions of customers of hundreds of pension funds in the UK.

The recent hacker attack aimed at UK-based business process outsourcing and professional services company Capita could impact hundreds of pension funds and millions of their members.

The largest private pension scheme in the UK, the Universities Superannuation Scheme (USS), revealed on Friday that it had learned from Capita that information on USS members was stored on servers accessed by cybercriminals. 

The information, dating from 2021, include the title, initial, name, date of birth, National Insurance number, and USS member number of roughly 470,000 members. 

“While Capita cannot currently confirm if this data was definitively ‘exfiltrated’ (i.e., accessed and/or copied) by the hackers, they recommend we work on the assumption it was,” USS said

British newspaper The Telegraph has learned from sources that as many as 350 pension funds and millions of their members could be impacted by the Capita breach. 

The IT company said last week that it expects to incur costs ranging between £15 million ($19 million) and £20 million ($25 million) as a result of the incident, but it has not clarified whether the amount includes a ransom payment to the hackers. 

The Black Basta ransomware group, which has taken credit for the attack on Capita, has removed all mentions of the company from its leak website — after initially threatening to sell stolen personal and financial data — which suggests that the cybercriminals have been or are expecting to get paid. 

Capita has confirmed the theft of customer and other data from its systems. In its latest update on the cybersecurity incident, the company said data was stolen from less than 0.1% of its servers. However, experts believe that can still be a significant amount of data

Advertisement. Scroll to continue reading.

Capita is one of the largest business outsourcing providers in the UK and its services are used by many government organizations. Some of these customers have started informing the public about the incident and the actions they are taking in response. 

Related: Ransomware Attack Hits Health Insurer Point32Health

Related: Payments Giant NCR Hit by Ransomware

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Ransomware

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ransomware

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.