IT Outsourcing Giant Capita Hit By Cyber Attack

IT outsourcing giant Capita has been hit by a cyber attack that has brought down their Microsoft 365 services. The company provides services to large organisations in the UK, including the UK military, the NHS (National Health Service), and the BBC, so concerns have been raised about potential vendor data compromises.

This concern is compounded by the fact that it wasn't just Capita phone lines and email accounts that were taken down; the breach also brought down phone lines and email accounts that had been outsourced by Capita. Several local government clients reported that their phone lines for taxes and beneficiary claims were taken offline, and call centres for numerous businesses were also affected. An anonymous source claimed that employees at several government facilities had been reduced to using pen, paper and radio to communicate as a result of the cyber attack.

Critical infrastructure that Capita systems are tied to include the NHS' primary care programme, London's transport fee collection system, collection of licencing for the BBC, and location tagging for prisoners on probation. In total, Capita collects over £6.5 billion in annual contracts.

Any possible disruption to the U.K.'s communication vectors could cause even further international shipping delays, given that the region is still recovering from a cyber attack on the Royal Mail back in January. The ransomware attack on the Royal Mail disrupted parcel and letter delivery for six weeks while the organisation was recovering.

"The recent confirmation by Capita that it is investigating a cyber-attack highlights the critical need for robust cybersecurity measures within the public sector. Cyber criminals often target these organisations – not just directly but through third party providers, as we have seen here – knowing the potentially devastating impact of disrupting critical public services across the country," says Camellia Chan, CEO and Founder at X-PHY.

"Safeguarding the sensitive information stored should be a top priority. All organisations are at risk, and that includes having a weak link in your supply chain. Investing in cybersecurity solutions that operate at the hardware layer is essential to provide a robust defence against today’s cyber threats. By fortifying the area closest to the data, public sector-affiliated organisations can guarantee a high level of protection for the sectors they support. This ensures that services remain unaffected, giving peace of mind to the organisations and the public they serve," added Chan.