
Capita caught up in yet another data breach

Capita is in hot water over a data breach once again after being called out by one of its clients for unsafe data storage practices, which led to data being compromised.

Daniel Croft
Thu, 18 May 2023

Colchester City Council is currently investigating a “serious data breach” and has pointed the finger at Capita, saying that its failure to properly store data led to the incident.

“The council is extremely disappointed that such a serious and widespread data breach has occurred and is robustly addressing the matter with Capita,” said Colchester City Council chief operating officer Richard Block.

Capita responded to the council, saying that it was also launching a probe into the incident and that there is currently no indication that the stolen data has been used for any malicious purposes.

“We have been assured by Capita that no personal bank account details have been compromised, but we understand any data breach is a concern,” added Block.

“We expect a full explanation and remedy from the company and for them to apologise directly to those affected.”

The Colchester City Council data affected was stored on an unsecured Amazon Data Bucket run by Capita and related to the 2019 to 2020 and 2020 to 2021 financial years.

The firm has since confirmed that the data bucket is now secure. Capita has not released a statement regarding the Colchester breach.

The news of the incident comes just as Capita is facing the aftermath of a major supply chain attack, which may see it rack up a bill of £20 million (roughly $37.5 million).

The organisation provides third-party services to a number of major agencies, including the UK Military and the National Health Service (NHS). It is contracted to provide £6.5 billion (roughly $12 billion) in services to the public sector.

The attack was identified when Capita experienced an outage in its Office 365 suite. Further investigation revealed that threat actors infiltrated its systems on 22 March and were only detected nine days later, on 31 March.

While Capita originally said that no data was compromised, it has since revealed that data from a small portion of its network was accessed.

“Capita understands now, based on its own forensic work and that of its third-party providers, that some data was exfiltrated from less than 0.1 per cent of its server estate,” it revealed.

With clients like the UK Military and the NHS, the breach quickly raised major concerns that the Russian hacking group behind the attack, Black Basta, could have access to significant data.

Black Basta has listed a sample of the information on its leak site, including the details of over 100 bank accounts and the personal data of teachers applying for jobs at schools.

Capita has not publicly verified the legitimacy of the files.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
