Capita, a leading provider of outsourcing services based in London, announced on March 31 that it had experienced a cyberattack that disrupted access to its internal Microsoft Office 365 applications. The attack occurred at 4 a.m. on Friday, March 26, and was discovered three hours later when staff attempted to log in to the system.
The company, which employs 50,000 specialists and provides services to clients in the finance, IT, healthcare, education, and government sectors, serves a range of critical infrastructure organizations in the UK, including the National Health Service (NHS), the UK military, and the Department for Work and Pensions.
Capita also counts prominent companies such as O2, Vodafone, and the Royal Bank of Scotland among its customers.
No evidence of customer data exposure
While Capita did not provide specific details on the cause of the incident, it did confirm in a brief press release that the outage resulted from a cyberattack. The company was able to isolate and contain the issue quickly, limiting the impact to certain parts of its network.
Capita reported that its investigation had found no evidence that data belonging to its customers, suppliers, or staff had been exposed during the intrusion.
The company also stated that only some services provided to individual clients were affected by the disruption, and most of its customer base did not experience any adverse effects.
Restoration underway
However, indications suggest that several boroughs and councils, including Barnet, Dagenham, Barking, and South Oxfordshire, all Capita clients, were affected. These clients posted notifications on their websites, stating that their phone and email servers were unavailable.
Capita is working to restore complete access to Microsoft Office 365 and other client services and reports progress. Most attempts to contact Capita for more information about the cyberattack and its impact have received a response.
Also read: As fear of cyber threats rises, organizations have to review their security strategy