Capita, outsourcing services provider to the UK’s government, admitted that hackers stole data from its system during a cyberattack last month.
The investigation found hackers infiltrated the network on or around March 22, which means they accessed the system for 10 days before Capita interrupted he breach on March 31, affecting 4% of servers
Though the impact of the incident was mostly restricted, concerns remain over the potential exposure of sensitive data, given Capita’s size and the extent of its involvement with critical public and private sectors.
The affected customers are unknown but promised to provide assurance around any potential data exfiltration and claims that it has restored all the impacted systems.
On March 31, Capita experienced major outages of its internal system, which prevented its clients and employees from accessing internal Microsoft Office 365 applications.
Three days later, it confirmed that it suffered a cyberattack, claiming that there is no evidence of customer or supplier data having been compromised.
On April 17, the Black Basta ransomware group listed Capita on its leak site and claimed it would sell the data to interested buyers unless the company paid for the ransom demand. The ransomware gang also shared some documents on the site, including clients’ bank account information, passport pages, and physical addresses.