Capita, a UK-based outsourcing company, announced it will have costs of up to £20m after a cyber breach earlier this year.
The company, which provides consulting services to over 150 pension schemes, said it was taking steps to secure its systems after the incident compromised data within less than 0.1% of its server estate.
Capita said it will have to spend up to £20m on tightening its cybersecurity as well as paying specialist professional fees.
Sensitive pension information held by Capita, including passport images and addresses, reportedly began being posted on the dark web after the hack in March.
“Capita is working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident,” a company spokesperson said.
Despite the cyber breach, Capita said it is still trading on track with predictions, and has posted in-year-revenue of £449m for the first four months of the year, a 16% increase on last year.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
Shortly after the breach in March, 2023, the UK’s Pensions Regulator asked trustees responsible for funds that use Capita as an administrator to check if data had been breached.
Brian Higgins, security specialist at Comparitech, told Verdict: “It makes perfect sense for the regulator to advise Capita clients to seek information from the source.
“Were they to make public any kind of list, it would be open season for every cybercrime organisation to fire up their SIM-farms or staff-up their call centres and phishing campaigns to go after every potential customer.”
Capita said it has been in regular contact with authorities since the hack and will remain vigilant with the investigation.
GlobalData is the parent company of Verdict and its sister publication.