One of government’s biggest IT suppliers claims that there is ‘no evidence’ of data breach
One of the public sector’s biggest IT suppliers, Capita, is working to restore customer services following a cyberattack suffered by the company last week.
Reports first emerged on Friday that the outsourcer was suffering significant IT issues, which Capita attributed to a “technical problem… primarily impacting our internal systems”.
In a update released to the stock market today, the firm revealed that it has “experienced a cyber incident” on Friday, which had prevented staff from accessing “internal Microsoft Office 365 applications”.
The statement said that the attack has “caused disruption to some services provided to individual clients, though the majority of our client services remained in operation”.
Staff access to Microsoft platforms has now been restored, according to Capita, which added that “working in collaboration with our specialist technical partners… we are making good progress restoring remaining client services in a secure and controlled manner”.
The company did not specify which customers or services have been impacted, or the extent to which the cyber incident one of the firm’s scores of public-sector clients. Capita holds billions of pounds of public contracts and features on government’s list of strategic suppliers, which includes 40 of Whitehall’s biggest providers of goods and services.
Its biggest engagements include a contract to carry out health and disability assessments on behalf of the Department for Work and Pensions. The deal was first awarded in 2012 and was most recently to extended until 31 July 2023; this will take the contract’s total worth to more than £550m.
Other major contracts held by the firm include a £45m three-year deal to provide training services to military personnel and a £107m contract with the Department for Education to support the provision of national curriculum tests, as well as a wide range of smaller deals with customers across the public sector, including a number of local councils.
PublicTechnology contacted the Cabinet Office requesting comment on the potential impact on the public sector and any recovery work being undertaken by government. We were awaiting response at time of going to press.
Capita’s update added: “Our IT security monitoring capabilities swiftly alerted us to the incident, and we quickly invoked our established and practised technical crisis management protocols. Immediate steps were taken to successfully isolate and contain the issue. The issue was limited to parts of the Capita network and there is no evidence of customer, supplier or colleague data having been compromised.”
The statement concluded that Capita “will update the market further, should there be a need to provide any additional information, in due course”.