Business process outsourcing giant Capita claimed today that a “cyber incident” it experienced on Friday has been largely contained, with services in the process of being restored.
The London-headquartered firm acknowledged in a brief statement that the incident mainly affected internal access to its Microsoft 365 applications, causing disruption to some client services as a result.
“Our IT security monitoring capabilities swiftly alerted us to the incident, and we quickly invoked our established and practised technical crisis management protocols,” the statement continued.
“Immediate steps were taken to successfully isolate and contain the issue. The issue was limited to parts of the Capita network and there is no evidence of customer, supplier or colleague data having been compromised.”
Capita said that its “specialist technical partners” have helped to restore employee access to Microsoft 365 and that they are “making good progress” at bringing any remaining client services back online “in a secure and controlled manner.”
It remains to be seen what caused the incident, although ransomware is always a top suspect in these situations.
Any compromise at a provider the size of Capita could have a significant impact on public services in the UK given the firm reportedly has over £6bn ($7.4bn) in government contracts.
It is said to help run projects as diverse as London’s congestion charge zone, Royal Navy training centres and security at Ministry of Defence bases, as well as parts of the NHS and tagging for the prisons and probation service.
A source familiar with the incident told The Guardian that Capita staff at critical infrastructure sites were forced to use radios, pens and paper to do their jobs.
The report also claimed that phone lines for benefits, council tax and business rates went down for several local authority customers of Capita’s, including Barnet, Barking and Dagenham, and South Oxfordshire.
Editorial image credit: T. Schneider / Shutterstock.com