NEWS30 May 2023

ICO warns businesses over Capita data breach

GDPR News Privacy UK

UK – The Information Commissioner’s Office (ICO) has urged companies using outsourcing firm Capita’s services to urgently check their data security following a data breach earlier this year.

Data security abstract image

On 31st March, Capita experienced a cyber incident impacting access to internal application, and later confirmed that that some data was exfiltrated from less than 0.1% of its server estate.

Capita said it had “taken extensive steps to recover and secure the customer, supplier and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident”.

However, the ICO has said it has received around 90 reports from organisations affected by the incidents and asked companies to ensure their data was not affected.

A statement from the ICO said: “We are encouraging organisations that use Capita’s services to check their own position regarding these incidents and determine if the personal data they hold has been affected.

“If necessary, consider reporting a data breach to the ICO and we will use this information to inform our next steps.”

Capita said in a statement last month: “Capita is working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident.”