iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Capita, the company that provides third-party services for the UK’s National Health Service (NHS) and UK military, has finally revealed that the cyber attack last month led to customer, staff and supplier data being accessed by threat actors.
The company suffered a major IT outage that prevented staff from using programs across the Office 365 suite, such as Teams, Excel and email. This immediately raised concerns that important data held by the Capita could be in the hands of threat actors.
Capita initially said that there was no sign that any data had been compromised.
“The issue was limited to parts of the Capita network, and there is no evidence of customer, supplier or colleague data having been compromised,” said Capita in an earlier release.
Capita has now said that hackers did indeed infiltrate its systems on 22 March and were only intercepted by Capita on 31 March, meaning they had access to a full nine-day window.
“There is currently some evidence of limited data exfiltration from the small proportion of affected server estate, which might include customer, supplier or colleague data,” Capita said in its latest press release.
In addition, the company claiming responsibility for the attack on Capita, Black Basta, is now saying that it has listed the sensitive details it accessed in the attack online and is ready for sale.
According to the group, the data includes phone numbers, home addresses, and details of over 100 bank accounts.
The personal data of teachers applying for jobs at schools are also listed.
Black Basta has said that the information it has listed is only a fraction of what it has; however, Capita has not confirmed whether the information available is real.
In addition, according to The Register, the link to buy the stolen data does not work.
Capita holds roughly £6.5 billion (just over $12 million) in public sector contracts and has over 50,000 staff.
Supply chain attacks like the one on Capita are increasing in frequency and severity and are a major issue due to the extensiveness of the affected businesses.
This is the case in Australia as well, with the recent Fortra GoAnywhere attack affecting a number of major Australian institutions such as the Tasmanian government, Meriton, and Rio Tinto.
Be the first to hear the latest developments in the cyber industry.
