The Information Highway

The Information Highway

Font size: +
2 minutes reading time (354 words)

Capita confirms hackers stole data in recent cyberattack

London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.

More specifically, the firm has found, with the help of security specialists, that hackers accessed roughly 4% of its server infrastructure and stole files hosted on the breached systems.

"The incident was significantly restricted, potentially affecting around 4% of Capita's server estate," reads Capita's statement.

"There is currently some evidence of limited data exfiltration from the small proportion of affected server estate, which might include customer, supplier, or colleague data."

The company will continue its investigation of the cyber-incident and provide timely updates if evidence that shows an impact on customers, suppliers, or colleagues arises.

Alleged BlackBasta ransomware attack

On March 31, 2023, Capita disclosed an IT issue that impacted its services. Three days later, the company announced that the outage was caused by a cyberattack that prevented access to its internal Microsoft Office 365 applications.

At the time, Capita did not provide many details about the nature of the cyberattack. However, its impact was evident in the reduced availability of client systems, including state organizations in the UK.

According to the latest update, the initial unauthorized access to Capita's systems occurred on March 22, 2023, and remained uninterrupted until the firm realized the breach on March 31, 2022.

On April 17, 2023, the Black Basta ransomware gang posted Capita on its extortion portal on the dark web using a private link, threatening to sell stolen data to interested buyers unless the victim paid the ransom.

Black Basta posting Capita on its Tor website (Dominic Alvieri)

The data samples Black Basta posted at the time include personal bank account details, physical addresses, passport scans, and other sensitive information.

The company did not provide public comment on the allegations of the Black Basta hackers and has not mentioned anything about ransomware in its recent statement, so the validity of these claims remains unconfirmed.

Capita's entry on Black Basta's extortion site remains private, which might mean that the ransom payment is currently being negotiated.

Microsoft expands AI Copilot offering with Viva an...
CISA warns of Android bug exploited by Chinese app...
 

Comments

No comments made yet. Be the first to submit a comment
Saturday, 28 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023