News

Capita employee data accessed in cyber-hack

Earlier this year, Capita experienced a ransomware cyber-attack. At the time the breach was reported, Capita admitted that the hack affected several of its clients. Three months later, Capita has now informed some of its employees that their personal data was also accessed by the criminals, believed to be part of Russian-based ransomware group Black Basta.  

The employee data compromised in this hack may include:  

  • Dates of birth
  • Marital status
  • Home addresses
  • Salary
  • Email addresses
  • Employment details
  • Employment history. 

The revelation that its own employees have had their personal data compromised sees the Capita data breach go from bad to worse.  

Earlier this week, trustees of the PwC pension scheme wrote to its members to inform then that, in addition to stolen names, dates of birth, retirement dates, and National insurance numbers, ‘Capita could not confirm to us that this information was final, complete and accurate’. This has left victims of the Capita data breach worried that the stolen data could include their bank account details.  

How are Capita employees reacting to the news?

While Capita says that it is taking “extensive steps” to recover and secure the data and check that it has not been sold on the dark web, it cannot guarantee that this won’t happen. This has left Capita employees frustrated and angry. Especially given the delay in being told about their involvement. This hold up has left Capita employees at risk of further attacks as they did not realise their data was in the hands of criminals, and that they needed to be extra vigilant.  

Employees are being offered a year’s free access to a credit-monitoring service, and we strongly recommend that this is accepted. At KP Law, we have seen victims of similar data breaches become the target of cybercriminals, with instances of phishing, fraud, and identity theft. Our data protection experts strongly advise anyone involved in this breach to be vigilant and take necessary precautions.    

Speaking to the Times, one employee said the hack was “played down” during internal meetings. They also claimed Capita executives had said that the incident was “just a small breach”. So, the anger being expressed by those affected seems justified.  

If you receive notification that you are affected by the Capita data breach, register below to join our no-win, no-fee data breach compensation claim. 

An employer cannot fire you or harm your career in any way if you make a claim. Capita would be breaking employment law if it did, and any action could be classed as discrimination. 

Deborah Stuttard

Recent Posts

Latest Data Breach Round-Up – June 2024

In our regular update, we provide a roundup of some of the data breaches and… Read More

6 months ago

Join our MOVEit/ Zellis Data Breach Action

We have launched a group action against MOVEit/Zellis. Group actions can be a powerful tool… Read More

6 months ago

One year on – the extent of the MOVEit data hack is just becoming clear

The number of organisations affected by the MoveIt Data Breach is still rising, despite the… Read More

6 months ago

Join our 23andMe Data Breach Action

We have launched a group action against 23andMe. Group actions can be a powerful tool… Read More

6 months ago

ICO and Canadian counterpart to investigate 23andMe data breach

The Information Commissioner’s Office (ICO) has launched a joint investigation into the 23andMe data breach… Read More

6 months ago

Join Our Capita Data Breach Action

We have launched a group action against Capita. Group actions can be a powerful tool… Read More

6 months ago