Capita Cyber Incident - 2023

According to a public statement by Capita, attackers gained initial access to systems around 22nd March 2023 and were discovered by Capita on 31st March. The incident primarily impacted access to Microsoft 365 applications and affected around 4% of Capita's server estate. It was also reported that data was exfiltrated including data belonging to customers. In their preliminary Financial Results, the business stated net costs of the cyber attack at £25 million.

Public reporting suggested that the Black Basta ransomware group was behind the attack and posted evidence of specific leaked data from Capita on their data leak website.

www.capita.com

https://www.capita.com/news/update-cyber-incident

www.capita.com

https://www.capita.com/news/capita-plc-update-cyber-incident

www.capita.com

https://www.capita.com/news/update-actions-taken-resolve-cyber-incident

www.bbc.co.uk

https://www.bbc.co.uk/news/technology-65746518

www.theguardian.com

https://www.theguardian.com/business/2023/aug/04/cyber-attack-to-cost-outsourcing-firm-capita-up-to-25m

www.theguardian.com

https://www.theguardian.com/business/2023/apr/20/capita-admits-customer-data-may-have-been-breached-during-cyber-attack

www.theregister.com

https://www.theregister.com/2023/04/18/capita_breach_gets_worse/

www.theregister.com

https://www.theregister.com/2024/03/06/capita_says_2023_cyberattack_recovery/

medium.com

https://medium.com/doublepulsar/black-basta-ransomware-group-extorts-capita-with-stolen-customer-data-capita-fumble-response-9c3ca6c3b283

medium.com

https://medium.com/doublepulsar/black-basta-ransomware-group-extorts-capita-with-stolen-customer-data-capita-fumble-response-9c3ca6c3b283