Skip to the content

Rochford Council attributes data breach to Capita

18/05/23

Mark Say Managing Editor

Get UKAuthority News

Share

Broken lock on digital grid
Image source: istock.com/Weerapatkiatdumrong

Rochford District Council has attributed a data breach to “unsafe storage” in its revenues and benefits system provided by Capita.

It published a statement that “expressed its disappointment” with Capita, although it is working with it to understand the full extent of the breach and what steps to take to minimise the impact on residents.

It is understood that the breach relates to historic data and has affected other local authorities.

Rochford Council said it will be in contact with any residents whose personal data may have been made available to view.

Its interim director of resources, Tim Willis, said: "The council is very disappointed at this and we are working closely with Capita to deal with this matter and to understand how the data breach from the company occurred.

"We take very seriously our commitment to safeguarding the privacy and security of our residents’ personal information. We know this will cause concern to residents and we want to apologise to those affected on behalf of Capita. We will be working with Capita to review the company’s processes and ensure the avoidance of any further breaches."

Earlier attack

Capita – a major supplier of software to local government – has been contacted for comment. Last month it acknowledged that it had suffered a cyber attack at the end of March that primarily affected internal applications but with some disruption to client services.

Last week it issued a statement that it understands data was exfiltrated from less than 0.1% of its cyber server estate, and that it has taken extensive steps to recover and secure customer, supplier and colleague data and remediate any issues.

“Capita is working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident,” it said, adding that it: “…has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments”.

It also estimated its costs from the incident to be between £15-20 million.

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.