The UK’s information watchdog has fined outsourcing agency Capita £14m after the non-public information of 6.6 million folks was stolen in a cyber-attack.
The Data Commissioner’s Workplace (ICO) mentioned Capita “failed to make sure the safety of processing of private information which left it at important threat”.
The effective was initially set at £45m however diminished after discussions between Capita and the watchdog.
Capita’s boss Adolfo Hernandez mentioned the agency was “happy to have concluded this matter and reached at the moment’s settlement”.
He mentioned the corporate had “massively strengthened” its cyber-security resilience and was vigilant.
Capita gives skilled and outsourcing companies in various completely different fields for the private and non-private sectors.
It made £2.4bn in income final 12 months, in keeping with its newest annual report.
After the hack in March 2023, it emerged Capita had left a pool of data unsecured online.
Data apparently containing Capita information – together with house addresses and passport pictures – began to circulate on the dark web.
The ICO mentioned monetary information had been stolen, and in some instances particulars of felony data had been hacked.
Capita additionally manages administration for greater than 600 pension schemes, and 325 of them have been affected.
“Capita failed in its obligation to guard the information entrusted to it by hundreds of thousands of individuals,” mentioned Data Commissioner John Edwards.
“The size of this breach and its influence may have been prevented had ample safety measures been in place.”
The proposed £45m effective was taken right down to £14m after Capita argued it had made enhancements to its cyber-security, provided assist for folks affected and engaged with different regulators and the Nationwide Cyber Safety Centre (NCSC).
Earlier this 12 months, retailer Co-op was hit by a hack the place the small print of all of its roughly 6.5m customers was stolen.
This got here amongst different high-profile cyber-attacks to M&S, Harrods and Jaguar Land Rover.
On Tuesday, the NCSC confirmed there had been a rise in nationally important assaults this 12 months.
It got here as the federal government wrote to bosses across the nation advising them to have their contingency plans written down on paper, in case they lose entry to their computer systems in a hack.
