FCA urges Capita clients to ascertain if data was compromised in cyber-attack
The City regulator has contacted Capita’s corporate clients urging them to ascertain whether their customers’ data has been compromised after a cyber-attack on the outsourcer in March.
The Financial Conduct Authority said it had written to firms it regulates and which outsource work to Capita to ensure they are “fully engaged” in assessing the fallout from the data breach.
Capita is one of the government’s biggest suppliers, with £6.5bn of public sector contracts ranging from running London’s congestion charge system to recruiting soldiers for the army.
The FCA has contacted insurance companies which use Capita for administration, including FTSE 100 firms Aviva and Phoenix Group, as well as annuity providers Pension Insurance Corporation, Rothesay and Just Group, according to the FT, which first reported on the watchdog’s inquiries.
Capita is still handling the fallout from the cyber hack, which saw staff abruptly locked out of their systems in late March. The company originally said it was experiencing IT issues before later confirming it had been hacked.
The outsourcer, which also collects the BBC licence fee and runs crucial operations for the NHS, later admitted data may have been breached during the incident, with hackers having potentially had access to customer, staff and supplier details. However, it said only a small number of its computer servers were accessed during the hack with “some evidence of limited data exfiltration”.
The FCA said it had “written to FCA regulated firms that are clients of Capita to ensure they are fully engaged in understanding the extent of any data compromise”. It said companies had a responsibility to alert affected consumers if their data had been affected, and notify regulators including
Read more on theguardian.com
