Back to news 10 August 2023

Further update on Capita’s cyber incident

This update follows our update on 8 June.

As noted in previous updates, Capita experienced a cyber incident earlier this year which resulted in personal data being exfiltrated from their servers.

 

Capita has now completed their investigations into the cyber incident and has identified which members have been affected. Whilst initially we understood the impacted data to relate solely to pensioners (i.e. those in receipt of a pension), it has transpired that some data relating to deferred pensioners (i.e. those whose pensions have not yet come into payment) was also impacted.

 

Letters have been sent directly to the members Capita has identified as part of their investigations. Members whose data was not identified as being involved in the incident will not have been written to. The letters set out the extent to which an individual’s data has been compromised and the support available to members, including access to a fraud monitoring service. Any queries regarding the fraud monitoring service should be directed using the details provided in the letter. 

Please note that Capita has confirmed that there is no evidence that information resulting from this incident has been misused or that it is available illegally including on any third-party websites. It has also taken extensive steps to recover and secure the data contained within the servers impacted by the exfiltration and has appointed an independent cyber security expert who continues to monitor the web to confirm that data compromised as a result of this incident is not available.

 

We would like to apologise for any inconvenience and concern this incident has caused and would continue to encourage all members to be vigilant in looking out for potential fraud or scam activity and take steps to protect their identity where possible. You must be cautious about who you provide your personal information to in relation to the RPF or any other matter. Additional information about pension scams can be found here.  The National Cyber Security Centre and the Information Commissioner’s Office (ICO) provide further guidance on cyber security and data protection, as well as tips for staying secure online, that we would encourage members to refer to.