This latest development comes on the heels of Capita shutting down its part of its internal systems in
late March after detecting a digital break-in of its infrastructure, which the outsourcing giant admitted to in
early April. Russian ransomware crew
Black Basta has claimed responsibility. Capita subsequently said 4 percent of its server estate had been accessed and it had some evidence of data exfiltration. It later updated investors to say around 0.1 percent of its servers has been accessed.
Last week, the UK’s largest private pension scheme said Capita had written to it to warn that details of 470,000 active, deferred and retired members was held on the servers that were accessed by the intruder or intruders. This includes names, date of birth and National Insurance numbers. The data, the Universities Superannuation Scheme added, might not have been stolen but it was laboring on the assumption that “it was.” Earlier this month, a security researcher
said they found an open AWS S3 bucket of documents belonging to Capita in April, which was secured after the organization was alerted. Capita said the cloud storage contained nothing sensitive.