By Greg Wright

Published 10th May 2023, 08:47 BST

The group, which is a major contractor for local authorities, said investigations into the incident suggest that some data was accessed, but that this was from less than 0.1 per cent of its server estate. It said it has taken “extensive steps” to recover and secure the data contained within the affected server estate, and to “remediate any issues arising from the incident”. It expects the bill for the cyber attack to reach between around £15m and £20m, covering specialist professional fees, recovery and remediation costs, as well as investment to reinforce its cyber security defences and strengthen its IT security.

Capita said it is “working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident”.

“Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments,” it added.

Outsourcing firm and government contractor Capita has revealed it will take a hit of up to £20m from a recent cyber attack that saw some customer, supplier and staff data accessed by hackers.

Capita admitted last month that hackers had accessed its systems for nearly 10 days before the breach was discovered. The pensions regulator has reportedly asked hundreds of pension funds that use Capita as an administrator to assess whether their client data may be at risk.

Capita’s systems are used to administer pensions for around 450 organisations, including corporate giants Royal Mail and Axa, covering millions of policyholders. Capita declined to confirm what data was potentially accessed in the attack or how many staff, suppliers and customers were affected.

Outsourcing firm Capita reveals cyber attack set to cost it up to £20m