cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Capita facing bill of up to £20m following Russian cyber attack

Capita is looking at a bill of as much as £20 million (roughly $37.2 million) for the cyber attack it suffered last month, which led to customer, staff and supplier data being accessed by threat actors.

user icon Daniel Croft
Thu, 11 May 2023
Capita facing bill of up to £20m following Russian cyber attack
expand image

The organisation, which provides third-party services for the UK Military and the National Health Service (NHS), confirmed that data had been accessed in the attack by the Russian hacking group Black Basta, which occurred at the end of March.

While Capita initially said that there was no sign that any data had been compromised, it later revealed that threat actors did infiltrate its systems on 22 March and were only detected on 31 March, nine days later.

The company said that the data accessed was from a very small portion of its network.


“Capita understands now, based on its own forensic work and that of its third-party providers, that some data was exfiltrated from less than 0.1 per cent of its server estate,” the company said in a statement.

“Capita has taken extensive steps to recover and secure the customer, supplier and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident.”

With the company implementing so many measures to protect its £6.5 billion (just over $12 million) in public sector contracts and 50,000 staff, Capita expects that the bill will be as high as £20 million.

“Capita expects to incur exceptional costs of approximately £15 million to £20 million associated with the cyber incident, comprising specialist professional fees, recovery and remediation costs and investment to reinforce Capita’s cyber security environment,” the company said in a statement on its website.

“Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments.”

Black Basta claimed responsibility for the attack and has listed sensitive information on its leak site.

Data includes phone numbers, home addresses, the details of over 100 bank accounts and the personal data of teachers applying for jobs at schools.

Black Basta said that the listed information is just a sample of what it stole; however, the data is yet to be verified by Capita.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.