Imagine waking up to the news that your personal information has been stolen in a cyberattack. Sounds pretty scary, right? Well, that’s exactly what happened to customers of business process outsourcing firm Capita in early April.
Fast forward to six weeks later, and Capita has warned the Universities Superannuation Scheme (USS), the largest private pension scheme in the UK, to operate under the assumption that their members’ data was stolen. USS manages the pensions of over 500,000 members (and their families) from UK universities and Higher Education institutions, investing a whopping £82.2 billion (over $102 billion) on their behalf.
According to Capita, hackers accessed servers that held personal information of around 470,000 active, deferred, and retired members, including names, dates of birth, National Insurance numbers, and USS member numbers. Although Capita can’t confirm if this data was actually exfiltrated (i.e., accessed and/or copied) by the hackers, they recommend assuming it was. USS said on Friday, “We are awaiting receipt of the specific data from Capita, which we will in turn need to check and process.”
As a result of this incident, the Information Commissioner’s Office (ICO) has been notified, and the Pensions Regulator and the Financial Conduct Authority have been informed as well. Up to 350 UK corporate retirement schemes were affected, making this “the largest such hack in British history,” according to The Telegraph.
What Steps Can Pilots Take to Protect Their Data from Cybersecurity Breaches?
Pilots need to be vigilant about protecting their data from cybersecurity breaches to minimize the potential data breach impact on pilots. Implementing strong encryption protocols, regularly updating software, and using secure Wi-Fi networks are vital steps pilots can take to safeguard their confidential information. Additionally, practicing safe online habits and utilizing two-factor authentication can further enhance data security for pilots in the digital age.
Black Basta Ransomware Gang Claims Responsibility
Initially, Capita downplayed the attack as a “technical problem.” However, three days later, they admitted that the weekend-long outage was caused by a cyberattack. On April 17th, the Black Basta ransomware gang claimed responsibility for the attack, adding a private entry for Capita to its data leak site using a private link. They threatened to sell allegedly stolen data, including personal bank account details, physical addresses, passport scans, and other sensitive information.
When we reached out to Capita for a comment on the ransomware gang’s allegations, they declined to provide a statement. However, on April 20th, Capita disclosed that attackers exfiltrated files from roughly 4% of its “server estate,” including systems containing customer, supplier, or colleague data. The hackers gained access to Capita’s systems on March 22 and remained active until the company discovered the breach on March 31.
As of May 5th, Capita has published a new update, stating that “data was exfiltrated from less than 0.1% of its server estate.” Additionally, the company revealed that it expects to incur exceptional costs of up to £20 million (around $25 million) related to the April incident.
Capita, based in London, is a government contractor that works with clients in various sectors, including finance, IT, healthcare, and education. Their customer list features the Department for Work and Pensions, the National Health Service (NHS), the UK military, and prominent companies such as Vodafone, O2, and the Royal Bank of Scotland.
Don’t let your business become another statistic. Cybersecurity is more important now than ever, and protecting your company’s valuable data should be a top priority. Contact us today to learn how ZZ Servers can help safeguard your business from cyber threats.
