Summary
The UK data protection authority fined the outsourcing company Capita £14 million after a cyber-attack exposed the personal information of 6.6 million people. Capita has since taken steps to strengthen its cyber-security measures. The Information Commissioner's Office (ICO) reduced the original fine because the company improved its security and worked with regulators.
Key Facts
- Capita was fined £14 million by the UK's Information Commissioner's Office (ICO).
- A cyber-attack led to the theft of data belonging to 6.6 million people.
- The original fine was £45 million but was reduced after Capita improved its security.
- The stolen data included home addresses, passport images, financial details, and some criminal records.
- Capita provides services to the public and private sectors and reported a £2.4 billion revenue last year.
- The cyber-attack affected 325 out of the 600 pension schemes managed by Capita.
- The ICO stated the breach could have been avoided with better security measures.
- There has been an increase in significant cyber-attacks, with firms advised to have paper-based contingency plans.
