M&S and Diageo pension schemes uncovered in Capita hack • Graham Cluley


M&S and Diageo pension schemes exposed in Capita hack

You probably have a pension scheme with Marks and Spencer or Diageo your private particulars could have fallen into the fingers of hackers.

The issue is that grocery store big M&S and drinks agency Diageo used Capita to manage its pensions, similar to a whole bunch of different private-sector retirement schemes.

In response to Capita, hackers initially broke into its techniques round 22 March 2023 and weren’t noticed till the top of the month. Within the meantime, the corporate says, attackers stole information from “the small proportion of affected server property which could embrace buyer, provider or colleague information.”

Unhealthy information for Capita.

Unhealthy information for corporations like M&S and Diageo who trusted Capita to take care of their information.

And unhealthy information, in fact, for the greater than 100,000 pension holders whose particulars could have been stolen by the hackers.

Signal as much as our free e-newsletter.
Safety information, recommendation, and ideas.

And if you happen to thought this was unhealthy, it’s simply the tip of the iceberg…

After Capita made information of its safety breach public, the UK’s pension watchdog urged a whole bunch of pension funds to research if their shopper information might need been compromised by the assault.

Not lengthy afterwards, USS (Universities Superannuation Scheme) – the UK’s greatest non-public sector pension plan – warned that round 470,000 of its members could have had their particulars accessed throughout the Capita hack.

In response to USS, particulars that will have been accessed included names, dates of start, nationwide insurance coverage numbers, and USS member numbers.

USS stated that Capita was unable to verify at present that the information had undoubtedly accessed by the hackers, however that it will be smart to imagine that it was.

Capita, which is used broadly by the UK authorities, NHS, and lots of British organisations, has discovered itself within the very uncomfortable place of getting to area a barrage of complaints from its purchasers.

Earlier this month, as an example, Colchester Metropolis Council publicly expressed its “excessive disappointment” with Capita because it sought to totally perceive how Capita’s information breach had occurred, in addition to any additional motion required.

Colchester Metropolis Council says that it’s “contemplating what additional motion could also be applicable concerning Capita.”

Different councils who’ve reportedly had their information uncovered by the Capita hack embrace Adur and Worthing, Coventry Metropolis Council, Derby Metropolis Council, Rochford District Council, and South Staffordshire.

Capita has declined to say whether or not it’s ready to pay a ransom to the hackers within the hope that it’d stop the information from being launched extra broadly.

Discovered this text fascinating? Comply with Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we submit.


Graham Cluley is a veteran of the anti-virus trade having labored for a lot of safety corporations because the early Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an impartial safety analyst, he often makes media appearances and is an worldwide public speaker on the subject of pc safety, hackers, and on-line privateness.
Comply with him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an e mail.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles