Capita is hit by a £20 million cyber hack that caused disruption to the outsourcing giant’s public and corporate clients
- Capita forecasts £15m to £20m hit due to fees, costs and investments
- However, the figure does not include any impending fines from regulators
Capita has warned it could take a financial hit of up to £20 million as a result of a cyber-attack last month that caused disruption to the outsourcer’s clients.
The group collects the BBC license fee and has £6.5bn in public sector contracts. Capita was rocked by the hack last month as staff lost access to key systems and customer services suffered.
Capita told investors on Wednesday that while it could have “significantly mitigated” the impact of the attack, it expects costs of £15m to £20m as a result.
The costs include “specialized professional fees,” repair and recovery costs, and “investments to strengthen Capita’s “cybersecurity environment.”
Capita says it has taken further steps to ensure the integrity, safety and security of its IT infrastructure
However, the cost of the hack to Capita could well exceed these numbers if regulators choose to fine the group.
The Financial Conduct Authority and the pension regulator have been in contact with Capita’s corporate clients and asked them to assess the impact on their end clients.
Capita has contacted regulators and notified the Information Commissioner’s Office of the incident within the required 72 hours.
It also identified the breach within nine days, compared to an average of 197 days, according to IBM’s 2022 Cost of a Data Breach Report.
Capita said Wednesday that its own forensic work and that of third parties had determined that some data had been “exfiltrated” — or taken away — from less than 0.1 percent of its server farm.
It added: ‘Capita has taken extensive steps to recover and secure customer, supplier and colleague data in the affected server farm, and to resolve any issues arising from the incident.
“Capita is working closely with all relevant regulatory authorities as well as customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident.
“Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure in support of its ongoing customer service commitments.”
In addition to municipalities and the GGD, Capita has contracts with government organizations such as the National Cyber Security Center.
It also provides services on behalf of the Cabinet Office, HM Revenue & Customs, the Ministry of Justice, numerous police forces, and administers the London Congestion Charge Scheme.
Among its private sector clients, Capita operates call centers for car manufacturer BMW, bookmaker William Hill, Thames Water, telecom group O2 and the RSPCA.
Pre-tax profit fell 79 per cent to £61.4m in 2022 due to a large impairment charge for Capita in its portfolio division and the loss of income from its various divestments.
Capita said on Wednesday that current trading remains in line with expectations amid “strong” sales performance over the first four months of the financial year with sales up 16 percent year-on-year to £449 million.
Capital shares fell 2.1 percent to 33.6 pence in early trading, cutting 2023 gains to 33.3 percent.
Analysts from Peel Hunt man maintained their buy rating, with a price target of 48 pence.
Christopher Bamberry of Peel Hunt said: “Hopefully Capita can now draw a line under the cyber incident, the uncertainty of which has weighed heavily on stocks.
“Trading is in line and industry news flow remains supportive.”