Black Basta hacker group claims responsibility for a cyber attack on Capita

The notorious Black Basta gang has claimed responsibility for a cyber attack on British outsourcing company Capita and has started leaking sensitive data allegedly stolen from the company.

Capita, one of the UK’s largest outsourcing companies, suffered a cyber attack in March that affected employees’ access to internal Microsoft Office 365 applications. The issue was first spotted on March 31 when employees faced technical issues and were not able to log in as they kept getting a “password incorrect” error. The company immediately launched an investigation to understand the nature of the technical issue.

In a filing with the London Stock Exchange, the company later said that the technical issues were a result of a cyber attack it suffered on March 31 that affected employees’ access to internal Microsoft Office 365 applications. The company also said that while most of its clients’ operations remain unaffected, some “services provided to individual clients” were disrupted due to the cyber attack.

A few days later, the infamous Black Basta claimed responsibility for the cyber attack and listed Capita as its victim on its data leak site. The threat actors have started posting data allegedly stolen from the company and has shown interest in selling the same.

Information stolen by the hacker group includes phone numbers, home addresses, details of more than 100 bank accounts, and sensitive personal data belonging to individuals who applied for jobs at schools.

Capita has, however, told The Record that it has not been able to verify the claims of the threat actors and could not confirm if the data leaked by the Black Basta gang belongs to the company. Capita is working with specialist advisers and forensic experts to understand the source and authenticity of the data.

While the company initially claimed that it had no evidence of customer, supplier, or colleague data being compromised, the possibility of the same could not be ruled out. So, if its investigation reveals otherwise, impacted individuals will be notified by the company.

The National Cyber Security Centre, the Cabinet Office, and other government agencies have been notified about the security incident as Capita has several significant clients in the public sector, including the Ministry of Defence.