Capita working on restoring client services after cyberattack

Written by Sam Trendall on 3 April 2023 in News

One of government’s biggest IT suppliers claims that there is 'no evidence' of data breach

Credit: Gerd Altmann/Pixabay

One of the public sector’s biggest IT suppliers, Capita, is working to restore customer services following a cyberattack suffered by the company last week.

Reports first emerged on Friday that the outsourcer was suffering significant IT issues, which Capita attributed to a “technical problem… primarily impacting our internal systems”.

In a update released to the stock market today, the firm revealed that it has “experienced a cyber incident” on Friday, which had prevented staff from accessing “internal Microsoft Office 365 applications”.

The statement said that the attack has “caused disruption to some services provided to individual clients, though the majority of our client services remained in operation”.

Staff access to Microsoft platforms has now been restored, according to Capita, which added that “working in collaboration with our specialist technical partners… we are making good progress restoring remaining client services in a secure and controlled manner”.

Related content

The company did not specify which customers or services have been impacted, or the extent to which the cyber incident one of the firm’s scores of public-sector clients. Capita holds billions of pounds of public contracts and features on government’s list of strategic suppliers, which includes 40 of Whitehall’s biggest providers of goods and services.

Its biggest engagements include a contract to carry out health and disability assessments on behalf of the Department for Work and Pensions. The deal was first awarded in 2012 and was most recently to extended until 31 July 2023; this will take the contract’s total worth to more than £550m.

Other major contracts held by the firm include a £45m three-year deal to provide training services to military personnel and a £107m contract with the Department for Education to support the provision of national curriculum tests, as well as a wide range of smaller deals with customers across the public sector, including a number of local councils.

It is understood that the National Cyber Security Centre is investigating the impact of the incident.

A government spokesperson said: "We are aware of the cyber incident which has affected Capita and continue to be in regular contact with the company. The issue has primarily affected internal processes with minimal impact on government departments."

Capita’s update added: “Our IT security monitoring capabilities swiftly alerted us to the incident, and we quickly invoked our established and practised technical crisis management protocols. Immediate steps were taken to successfully isolate and contain the issue. The issue was limited to parts of the Capita network and there is no evidence of customer, supplier or colleague data having been compromised.”

The statement concluded that Capita “will update the market further, should there be a need to provide any additional information, in due course”.


About the author
Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

ONS seeks new data source on UK firms’ overseas owners
24 May 2023

Statistics agency looks to establish a single unified partnership

‘Extremely concerned and disappointed’ – more councils caught up in Capita breach
24 May 2023

Authorities have complained about the lack of time taken to be notified by IT firm and wrongly being told personal data was not put at risk 

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

CCS defends Digital Marketplace closure and pledges to ‘reinstate transparency’
3 May 2023

Suppliers and former officials have lamented the decision but procurement agency claims outgoing platform could no longer ‘accommodate growing demands’

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...