Tech provider Capita is facing more challenges as additional local British councils come forward to report that their data was exposed through an unsecured AWS bucket.
Colchester City Council was the first to reveal that Capita had left residents’ benefits data unprotected on the public internet, prompting other councils including Coventry City Council, Adur and Worthing, Rochford District Council, Derby City Council, and South Staffordshire to confirm similar incidents. The affected councils are calling for investigations and considering further actions against Capita.
At the same time, in a separate incident, pension clients of Capita have been warned of potential data theft following a breach in March. Capita previously stated that the breach affected only a small portion of its server estate, but now clients such as the UK’s largest private pension fund USS and retailer M&S have informed their members about the risks associated with the breach.
Capita is working with specialists to investigate and secure the affected data while offering support and reassurance to affected clients.
Furthermore, Capita responded by stating that it is working with technical advisors to investigate the issue and that the data is now secure and inaccessible. They emphasize the importance of client privacy and data security.
The company is also addressing a security incident from March, in which criminals broke into Capita’s systems and potentially stole data, including pension data.
Capita has contacted affected clients, acknowledging the potential impact on personal data security and warning about the risks of fraud and identity theft.
