M&S and Diageo pension schemes uncovered in Capita hack • Graham Cluley

M&S and Diageo pension schemes exposed in Capita hack

You probably have a pension scheme with Marks and Spencer or Diageo your private particulars could have fallen into the fingers of hackers.

The issue is that grocery store large M&S and drinks agency Diageo used Capita to manage its pensions, similar to lots of of different private-sector retirement schemes.

In line with Capita, hackers initially broke into its methods round 22 March 2023 and weren’t noticed till the top of the month. Within the meantime, the corporate says, attackers stole information from “the small proportion of affected server property which could embody buyer, provider or colleague information.”

Dangerous information for Capita.

Dangerous information for firms like M&S and Diageo who trusted Capita to take care of their information.

And dangerous information, in fact, for the greater than 100,000 pension holders whose particulars could have been stolen by the hackers.

Signal as much as our free e-newsletter.
Safety information, recommendation, and suggestions.

And in case you thought this was dangerous, it’s simply the tip of the iceberg…

After Capita made information of its safety breach public, the UK’s pension watchdog urged lots of of pension funds to analyze if their consumer information might need been compromised by the assault.

Not lengthy afterwards, USS (Universities Superannuation Scheme) – the UK’s largest personal sector pension plan – warned that round 470,000 of its members could have had their particulars accessed throughout the Capita hack.

In line with USS, particulars which will have been accessed included names, dates of delivery, nationwide insurance coverage numbers, and USS member numbers.

USS mentioned that Capita was unable to verify presently that the info had undoubtedly accessed by the hackers, however that it could be smart to imagine that it was.

Capita, which is used broadly by the UK authorities, NHS, and plenty of British organisations, has discovered itself within the very uncomfortable place of getting to area a barrage of complaints from its purchasers.

Earlier this month, for example, Colchester Metropolis Council publicly expressed its “excessive disappointment” with Capita because it sought to completely perceive how Capita’s information breach had occurred, in addition to any additional motion required.

Colchester Metropolis Council says that it’s “contemplating what additional motion could also be acceptable relating to Capita.”

Different councils who’ve reportedly had their information uncovered by the Capita hack embody Adur and Worthing, Coventry Metropolis Council, Derby Metropolis Council, Rochford District Council, and South Staffordshire.

Capita has declined to say whether or not it’s ready to pay a ransom to the hackers within the hope that it’d forestall the info from being launched extra broadly.

Discovered this text fascinating? Comply with Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we put up.

Graham Cluley is a veteran of the anti-virus business having labored for quite a few safety firms for the reason that early Nineteen Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an impartial safety analyst, he recurrently makes media appearances and is an worldwide public speaker on the subject of pc safety, hackers, and on-line privateness.
Comply with him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an electronic mail.

Leave a Reply

Your email address will not be published. Required fields are marked *