Welcome to our weekly cyber news roundup, where we bring you the latest and most important updates from the world of cyber security.
According to Microsoft, a cybercriminal linked with FIN11 and TA505, notorious for circulating Cl0p ransomware, has been exploiting recently patched PaperCut flaws since mid-April.
These vulnerabilities, impacting the PaperCut MF/NG print management system and tagged as CVE-2023-27350, allow bypassing of authentication and enable remote code execution (RCE) with System privileges.
Updates for PaperCut MF and NG versions 20.1.7, 21.2.11, and 22.0.9, released in March 2023, addressed these flaws along with a high-risk bug, CVE-2023-27351, which could lead to data leaks.
Last week, PaperCut alerted that CVE-2023-27350 was being used in malicious activities and urgently advised users to update their systems.
Subsequently, a cyber security firm identified numerous hosts vulnerable to the flaw, noticing that threat actors were installing remote management and maintenance (RMM) tools for continued access.
Microsoft, confirming the observations, noted that the threat actor, known as Lace Tempest (or DEV-0950), linked to both FIN11 and TA505 groups, has been exploiting the PaperCut flaws for the past two weeks.
"Lace Tempest, a Cl0p ransomware affiliate, incorporated PaperCut exploits into their attacks as early as April 13," Microsoft stated.
Huntress also warned that more threat actors are now exploiting the PaperCut vulnerabilities, including attacks that install cryptocurrency miners on infiltrated systems.
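Added example (not from the roundup, Microsoft or PaperCut): a small Python triage helper that compares an inventory of PaperCut MF/NG version strings against the fixed releases the article names, and flags release lines the article does not cover as "unknown". It assumes version strings begin with major.minor.patch; the inventory is constructed sample data.

```python
"""Check PaperCut MF/NG version strings against the fixed releases named
in the roundup (20.1.7, 21.2.11, 22.0.9 for CVE-2023-27350 / CVE-2023-27351).
Added example, not PaperCut's or Microsoft's tooling."""
import re

# First fixed build per major release line, as stated in the article.
FIXED_VERSIONS = {
    20: (20, 1, 7),
    21: (21, 2, 11),
    22: (22, 0, 9),
}


def parse_version(text):
    """Turn '21.2.10' (or '21.2.10 (Build 00000)') into a tuple of ints.
    Raises ValueError on anything that does not start with x.y.z."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised PaperCut version: {text!r}")
    return tuple(int(g) for g in m.groups())


def assess(text):
    """Return 'patched', 'vulnerable' or 'unknown' for one install.
    'unknown' covers release lines the article does not list (e.g. 19.x or
    23.x); those need manual confirmation against the vendor advisory."""
    version = parse_version(text)
    fixed = FIXED_VERSIONS.get(version[0])
    if fixed is None:
        return "unknown"
    return "patched" if version >= fixed else "vulnerable"


def triage(inventory):
    """inventory: mapping host -> version string. Returns {host: status} so
    vulnerable hosts can be queued for patching and for follow-up hunts for
    unexpected RMM tools or miners, as described in the article."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {
        "print-01": "20.1.6",
        "print-02": "21.2.11 (Build 00000)",
        "print-03": "22.0.9",
        "print-04": "22.0.10",
        "print-05": "19.2.3",
    }
    for host, status in sorted(triage(sample).items()):
        print(f"{host}: {status}")
```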
Following the cyber-attack in March, data purportedly from Capita started appearing on the dark web, including residential addresses and passport images.
As a result, the UK Pensions Regulator has prompted trustees managing funds under Capita's administration to evaluate potential risks to their clients' data.
The letter urged funds to "assess if their scheme's data is at risk" and to verify their communication status with the company.
A representative for the Pensions Regulator stated: "We regard IT security and the threat of cyber-attacks with utmost seriousness." Capita's systems manage the pensions of over four million savers for about 450 organisations, which include Royal Mail and Axa.
Capita disclosed that only a small fraction of its computer servers were breached during the cyber intrusion. The company further confirmed in a statement that it has maintained regular contact with relevant authorities since the attack and will continue to update them as the investigation unfolds.
The National Smallbore Rifle Association (NSRA) has alerted its members about the potential risk of subsequent fraud and cybercrime following a breach of its IT systems.
Currently, the association is liaising with the UK's South East Regional Organised Cybercrime Unit (SEROCU) in response to the incident, which it disclosed last Friday.
"Our IT systems are fully functional, no funds have been lost, and we will fully brief our members upon the conclusion of the police inquiry. We can affirm that this breach has not compromised the membership portal, which remains secure," the NSRA noted in a statement.
"This breach targeted legacy servers that store working documents, not a complete database. At this juncture, we cannot specify who this might affect as we have no access to the servers."
Despite the lack of comprehensive details, the NSRA has encouraged its members to update their account passwords.
Warnings have been issued that should gun owners' data be accessed by unauthorised parties, it could be exploited by criminal gangs to target properties for weapons, which are challenging to acquire in the UK and therefore potentially valuable.
In September 2021, similar concerns were raised when the personal information of 100,000 UK gun owners was leaked online, including details of home addresses where firearms were believed to be kept.
Following a cyber attack, German IT services provider Bitmarck has closed down all customer and internal systems, including whole data centres in some instances.
Bitmarck, a significant service provider for German health insurers, reassured that no customer, patient, or insured person's data had been compromised in the breach, based on "the current state of knowledge," according to a statement on its temporary website.
Patient data "was and is not at risk from the attack," due to the "special protection" offered under Germany's Gematik healthcare data regulations.
The timeframe for reinstating all systems is uncertain. However, certain services, like the digital processing of electronic incapacity for work certificates and access to electronic patient files, are already operational or will be soon. Other key services are expected to be available shortly.
Bitmarck is also exploring a short-term IT environment to restore central processes for health insurers, such as payments. However, the company warned that it might take time before its managed services return to their pre-attack performance levels, due to the extensive shutdowns and potential temporary service failures.
Bitmarck did not provide information on who attacked its network and how.
If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively get in touch to find out how you can protect your organisation.
The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.
If you’d like more detailed threat intelligence news, Integrity360 offers this as part of our security monitoring managed services.
We also offer a tailored threat intelligence monitoring service for your organisation that actively monitors for threat actors and campaigns of direct relevance to your organisation, brand damage, copycat & spoofed domains, credential leakage and dark web monitoring.
Join us in Dublin or London for the Security First 2022 conference. We'll be bringing together industry professionals and specialist experts to discuss the latest cyber security trends and offer actionable advice on preparing your business to put security first in 2022.