Capita confirms employee data breach in March hack
LONDON, UNITED KINGDOM — Outsourcing giant Capita confirmed that a cyberattack three months ago resulted in the stolen personal data of its employees.
The cyberattack, attributed to Russian hackers, involved the theft of national insurance numbers, pension details, and addresses of employees.
The late disclosure has sparked criticism from staff members, who claim that the issue was understated in internal meetings following an initial warning in May. The executives allegedly downplayed the incident as a routine event and labeled it “a small breach.”
Capita recently sent a letter acknowledging that extensive personal information had been stolen, including names, birth dates, marital statuses, addresses, salaries, and employment histories.
The company has implemented broad measures to secure and recover the compromised data in response to the incident. A consultant has been hired to ensure the stolen data has not been sold on the dark web.
As a part of the remedial strategy, affected employees are also offered a year of complimentary credit monitoring.
This delayed admission has intensified previous criticisms directed at Capita for its apparent lack of urgency in communicating the details of the cyberattack.
So far, Capita has refrained from commenting on speculations that it paid a ransom to the alleged hacking group, Black Basta.