iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Fears of a data breach at the UK’s National Health Service (NHS) have erupted after computer systems at third-party provider Capita went down.
The outage meant that staff from Capita had been prevented from accessing its systems for days.
Capita is a major government supplier, contracted to provide £6.5bn (just under A$12bn) in services to the public sector, including healthcare services and army recruitment.
This has raised concerns as both the UK military and NHS outsource crucial operations to Capita, meaning both may have been compromised.
Capita has begun an investigation into the incident but is yet to identify the cause. It has not yet confirmed or denied whether it believes that this has been caused by a cyber-attack.
“Following a technical problem which has affected access to some of our services today, we can confirm that we have identified an IT issue that is primarily impacting our internal systems,” the company said in a post on Twitter.
“We are working to swiftly restore those services that have been affected and will issue a further update in due course.”
According to Capita staff, systems went down at 4 am on Friday, but the issue was only discovered at 7 am when staff began attempts to log on. Capita informed staff of the issue formally at 8:45 am.
“We are urgently investigating this and will provide you with an update shortly. Please do not attempt to access via VPN or submit password recovery requests,” staff were told in an email. According to one anonymous staff member, attempts to log in returned a password incorrect message.
The outage is primarily affecting systems relating to the Office365 suite, including email and teams meetings. Client systems remained unchanged.
In another statement, Capita said that it “would like to reassure any customers whose services have been affected that we are making good progress and working closely with our technical partners to swiftly resolve the issues.”
The Capita breach is the latest incident that outlines the importance of screening third-party service providers and ensuring their security standards are up to scratch, particularly in the case of critical infrastructure.
As Vice-president for Asia-Pacific and Japan for BlueVoyant, Sumit Bansal, supply chain attacks are on the rise in Australia.
“We have been hit with a series of supply breaches over the past few weeks with Latitude Financial and The Good Guys, and it’s a reminder that these companies are not the only ones to be negatively impacted by a breach related to a third party, and most likely will not be the last.”
Bansal advises that organisations protect their data with multi-layered security solutions to cover all bases.
“The best way for organisations to protect their data is with defence in depth. When different cyber security defences are layered, it makes it more difficult for cyber attackers to access sensitive systems and data,” he said.
“By continuously monitoring both internal networks and third parties, having access control, plus good cyber hygiene, like multi-factor authentication, companies can make it more difficult for attackers to gain access.”
Be the first to hear the latest developments in the cyber industry.
