Capita Confirms Data Stolen in Recent Cyberattack

Capita, the professional outsourcing company based in London, has released an update regarding the cyber attack that occurred at the beginning of this month.

The company has now acknowledged that the hackers were able to extract data from their systems.

Capita’s recent statement has confirmed that security experts have determined that the hackers were able to access approximately 4% of the company’s infrastructure.

The statement also confirms that there is evidence of limited data exfiltration from the affected systems, which may have included data belonging to customers, suppliers, or employees.

According to reports, the extortionists known as Black Basta are claiming responsibility for the recent break-in at Capita and are allegedly offering for sale sensitive information such as bank account details, addresses, and passport photos that were stolen from the IT outsourcing giant.

Capita, a London-based corporation with UK government contracts amounting to £6.5 billion ($8 billion), has not yet verified the legitimacy of the data breach, according to a spokesperson.

Speaking to the Register, a spokesperson for Capita said that the company will “continue to work closely with specialist advisers and forensic experts in investigating the incident,” and they are yet to confirm whether “customer, supplier, or colleague data having been compromised.”

According to a report by the Sunday Times, the Russian-speaking ransomware group known as Black Basta, which claimed responsibility for the attack on Capita, has allegedly published sensitive information, including personal bank account details, passport photos, and addresses, as well as personal data of teachers who have applied for jobs at schools.

On April 17, 2023, the Black Basta ransomware gang reportedly posted Capita on its extortion portal on the dark web, using a private link to threaten the sale of stolen data to interested buyers unless the victim paid the ransom.

According to the BleepingComputer, The data samples that Black Basta posted included personal bank account details, physical addresses, passport scans, and other sensitive information.

Although the company has not issued any public comment regarding the claims made by the Black Basta hackers and has not mentioned anything about ransomware in its recent statement, it is worth noting that the validity of these claims remains unconfirmed.