Earlier this year, Capita experienced a ransomware cyber-attack. At the time the breach was reported, Capita admitted that the hack affected several of its clients. Three months later, Capita has now informed some of its employees that their personal data was also accessed by the criminals, believed to be part of Russian-based ransomware group Black Basta.
The employee data compromised in this hack may include:
The revelation that its own employees have had their personal data compromised sees the Capita data breach go from bad to worse.
Earlier this week, trustees of the PwC pension scheme wrote to its members to inform then that, in addition to stolen names, dates of birth, retirement dates, and National insurance numbers, ‘Capita could not confirm to us that this information was final, complete and accurate’. This has left victims of the Capita data breach worried that the stolen data could include their bank account details.
While Capita says that it is taking “extensive steps” to recover and secure the data and check that it has not been sold on the dark web, it cannot guarantee that this won’t happen. This has left Capita employees frustrated and angry. Especially given the delay in being told about their involvement. This hold up has left Capita employees at risk of further attacks as they did not realise their data was in the hands of criminals, and that they needed to be extra vigilant.
Employees are being offered a year’s free access to a credit-monitoring service, and we strongly recommend that this is accepted. At KP Law, we have seen victims of similar data breaches become the target of cybercriminals, with instances of phishing, fraud, and identity theft. Our data protection experts strongly advise anyone involved in this breach to be vigilant and take necessary precautions.
Speaking to the Times, one employee said the hack was “played down” during internal meetings. They also claimed Capita executives had said that the incident was “just a small breach”. So, the anger being expressed by those affected seems justified.
If you receive notification that you are affected by the Capita data breach, register below to join our no-win, no-fee data breach compensation claim.
An employer cannot fire you or harm your career in any way if you make a claim. Capita would be breaking employment law if it did, and any action could be classed as discrimination.
In our regular update, we provide a roundup of some of the data breaches and… Read More
We have launched a group action against MOVEit/Zellis. Group actions can be a powerful tool… Read More
The number of organisations affected by the MoveIt Data Breach is still rising, despite the… Read More
We have launched a group action against 23andMe. Group actions can be a powerful tool… Read More
The Information Commissioner’s Office (ICO) has launched a joint investigation into the 23andMe data breach… Read More
We have launched a group action against Capita. Group actions can be a powerful tool… Read More