The recent hacker attack aimed at UK-based business process outsourcing and professional services company Capita could impact hundreds of pension funds and millions of their members.
The largest private pension scheme in the UK, the Universities Superannuation Scheme (USS), revealed on Friday that it had learned from Capita that information on USS members was stored on servers accessed by cybercriminals.
The information, dating from 2021, include the title, initial, name, date of birth, National Insurance number, and USS member number of roughly 470,000 members.
“While Capita cannot currently confirm if this data was definitively ‘exfiltrated’ (i.e., accessed and/or copied) by the hackers, they recommend we work on the assumption it was,” USS said.
British newspaper The Telegraph has learned from sources that as many as 350 pension funds and millions of their members could be impacted by the Capita breach.
The IT company said last week that it expects to incur costs ranging between £15 million ($19 million) and £20 million ($25 million) as a result of the incident, but it has not clarified whether the amount includes a ransom payment to the hackers.
The Black Basta ransomware group, which has taken credit for the attack on Capita, has removed all mentions of the company from its leak website — after initially threatening to sell stolen personal and financial data — which suggests that the cybercriminals have been or are expecting to get paid.
Capita has confirmed the theft of customer and other data from its systems. In its latest update on the cybersecurity incident, the company said data was stolen from less than 0.1% of its servers. However, experts believe that can still be a significant amount of data.
Capita is one of the largest business outsourcing providers in the UK and its services are used by many government organizations. Some of these customers have started informing the public about the incident and the actions they are taking in response.
Related: Ransomware Attack Hits Health Insurer Point32Health
Related: Payments Giant NCR Hit by Ransomware
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
- New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats
- Rheinmetall Says Military Business Not Impacted by Ransomware Attack
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
