Capita Plc, one of the UK’s biggest outsourcing companies, said that customer data may have been stolen during a recent cyberattack.
(Bloomberg) — Capita Plc, one of the UK’s biggest outsourcing companies, said that customer data may have been stolen during a recent cyberattack.
There is “currently some evidence of limited data exfiltration from the small proportion of affected server estate which might include customer, supplier or colleague data,” the company said in a statement Thursday.
The hack started “on or around” March 22, it added, and was interrupted by Capita on March 31.
Capita is a crucial provider of IT to the National Health Service and also helps to enforce the BBC license fee. The attack blocked internal Microsoft Office 365 applications and disrupted some clients, Capita said earlier this month.
“The majority of Capita’s client services were not impacted by the incident and remained in operation, and Capita has now restored virtually all client services that were impacted,” the company said.
Ransomware
Earlier in April, a Russian-speaking criminal hacking group known as Black Basta claimed responsibility for breaching Capita’s systems.
On its website, Black Basta posted copies of passports, addresses and bank account details that it said it had stolen from Capita’s computers. Capita has not confirmed the authenticity of the documentation and has said it is investigating the matter.
Black Basta typically breaks into computers before using ransomware, a kind of malicious software, to lock the computers so that they cannot be used. The gang then demands payment in cryptocurrency to unlock the computers, while simultaneously threatening to publish stolen data if not paid.
According to the cybersecurity firm Trend Micro, Black Basta was first identified in April 2022 and the bulk of its victims were last year located in North America. The group has targeted organizations across a range of sectors, including construction, professional services, fashion, transportation and finance.
(Adds context on hacking group starting in sixth paragraph.)
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.