Capita hack prompts watchdog to warn pension funds over data

Capita hack prompts watchdog to warn pension funds over data

Regulators have urged UK pensions schemes to research whether or not they have suffered information breaches following a cyber assault on outsourcer Capita.

The Pensions Regulator on Sunday stated it had written to the a whole bunch of pension funds that make use of Capita to manage their cost programs, urging them to “decide whether or not there’s a threat to their scheme’s information”.

London-listed Capita disclosed earlier this month that hackers might need accessed buyer information following a cyber assault on its servers in March.

The Pensions Regulator wrote to greater than 300 pension funds, which embody a mixture of private-sector outlined profit and outlined contribution schemes, in line with an individual acquainted with the matter.

Within the letter, which was first reported by the Sunday Instances, the regulator requested trustees to contact Capita to search out out whether or not their information might have been caught up within the breach, and reminded schemes of the duty to reveal any information losses to people and regulators.

“We take IT safety and the danger of cyber assaults extraordinarily severely,” the regulator stated in a press release.

The USS, the UK’s largest non-public sector pension plan, contracts Capita to manage its pensions software program for greater than 465,000 members. It was one of many schemes contacted by TPR, in line with an individual acquainted with the scenario.

“We’re at the moment not conscious of any impression on USS information,” stated a USS spokesperson, including that the scheme was liaising intently with Capita.

Capita is a serious outsourcer to each the non-public and public sectors and is likely one of the UK authorities’s greatest contractors.

The corporate gives IT companies amongst its companies, which additionally embody working the London congestion charging zone, amassing the BBC licence price and overseeing coaching for the Royal Navy.

Capita in late March first disclosed an “IT concern” that left employees unable to entry some programs and disrupted companies offered to native authority shoppers.

The outsourcer confirmed on April 20 that there had been a knowledge breach and that hackers might have accessed buyer and inner information. It stated the incident affected about 4 per cent of its servers, and that it had discovered “some proof of restricted information exfiltration”.

It added that hackers accessed its servers on or round March 22, and it had managed to interrupt the operation on March 31 and had “considerably restricted” the incident.

The corporate has refused to verify or deny whether or not the information breach fashioned a part of a ransomware assault.

“Since March thirty first we have now been in common contact with trustees and regulators, and we are going to hold them up to date as our investigation into the cyber incident progresses,” Capita stated in a press release on Sunday.

Ransomware assaults and different information breaches are a rising drawback for international companies, and have lately been reported at a provider to the world’s largest semiconductor tools producers, Japan’s Fujitsu and the UK’s Royal Mail.

A September report from consultancy PwC discovered that solely 14 per cent of world corporations surveyed had not suffered a knowledge breach up to now three years.

Back To Top