Capita has acknowledged that a cyberattack occurred last Friday. Many clients across the UK, including government organizations, experienced disruption due to the incident, which disrupted access to internal Microsoft Office 365 apps at the IT services and consultancy firm. In a statement sent to shareholders this morning, Capita stated that the hack did not compromise data.
The company is among the biggest providers to the UK government, with public sector contracts worth £6.5 billion in outsourced IT services and other areas. It employs 50,000 people and operates in the UK, South Africa, India, and Europe. Several consumers experienced disruption due to the attack, but Capita claims that most of its services were still available.
A cyber attack that largely affected access to internal Microsoft Office 365 apps occurred on Friday, March 31, according to Capita PLC. Certain services were disrupted due to this,” the statement says. More updates would be made available as soon as possible, it added. “We have returned the company colleague access to Microsoft Office 365 by collaborating with our expert technical partners, and we are doing good work toward restoring the remaining client services in a secure and regulated manner.”
Impacted Local Government Entities By Capita Cyberattack
On Friday morning, there were issues with Capita personnel being unable to access their systems. Later that day, the business acknowledged it was having a “technical problem” in a statement posted on Twitter.
Later that evening, the firm provided more information: “We want to reassure any clients whose services have been impacted that we are progressing well and closely cooperating with our technical partners to repair the issues promptly.”
The British military and the NHS are among Capita’s clients. In addition to giving various local councils customer service phone lines, it assists the BBC in collecting its licensing fee.
Given the group’s involvement in sensitive areas like Royal Navy training facilities and security at Ministry of Defense bases, a source familiar with the outage disclosed that other governmental agencies had been made aware of the incident. As a result of the attack, the source added that people working at impacted sites—some related to crucial national infrastructure—resorted to using radios, pens, and paper.
Barnet, Barking and Dagenham, Lambeth, and South Oxfordshire are local councils that utilize Capita services and have all noted problems brought on by the incident. According to Barking and Dagenham Council, “callers may notice modest delays in our ability to reply to their calls throughout the weekend due to a technical failure with our out-of-hours service systems.”
“We are aware of an incident affecting various Capita systems,” the Cabinet Office said. “We are in frequent touch with the company as they continue to investigate the matter.”
Conclusion
The most prominent outsourcing firm in the UK, Capita, announced on Monday that “a cyber incident” was to blame for a Friday IT disruption that prevented employees from accessing their accounts. According to reports, when staff attempted to login, they were mistakenly informed that their regular passwords were “incorrect,” which fueled rumors that a cyberattack was to blame. Nevertheless, not all of Capita’s 61,000 employees were impacted. A spokeswoman for Capita at the time stated that the business was looking into “a technical issue.”
The business acknowledged it “had a cyber issue primarily disrupting access to internal Microsoft Office 365 apps” in a statement sent to the Regulatory News Service on Monday. The incident’s nature has not been made public. While financially motivated ransomware attacks continue to pose a serious threat to British businesses, Capita also offers government services that could be of interest to state-sponsored espionage outfits. Among Capita’s many contracts, there are several with the Ministry of Defense. The engineering and maintenance support of the training simulators for the Royal Navy’s nuclear-powered ballistic missile submarines, a key component of the United Kingdom’s nuclear deterrent, was taken over by a consortium it led last year.
The problem, which was “limited to areas of the Capita network,” was effectively isolated and contained, according to a statement from Capita. The business recognized that some of its customers’ services were interrupted, but it did not say which. Microsoft Office 365 access had been restored, and claimed to be “making good progress” in fixing the remaining client services in a secure and regulated manner. Although Capita could not specify if its investigation was ongoing, it stated that “no evidence of customer, supplier, or colleague data having been compromised.” Since the “technical issue” was first revealed, the company’s share price has decreased by 3% from its previous value since Friday.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.