The Pensions Regulator (TPR) has written to pension schemes that use Capita as their administrator following a cyber incident at the company at the end of March.
In April 2023, Capita issued a statement confirming that it had experienced a cyber incident and that there was evidence of “limited data exfiltration from the small proportion of affected service estate which might include some customer, supplier or colleague data”.
The firm stated that it is continuing its investigations and would inform any customers, suppliers or colleagues that were impacted.
Following the incident, TPR wrote to pension schemes using Capita for administration services, asking trustees to inform TPR of the steps they have taken to make sure that members' data is protected.
The regulator also asked trustees to speak to Capita as to whether there was a risk to scheme data and reiterated the importance of having robust cyber security measures in place.
Commenting on the regulator’s communications with schemes, a TPR spokesperson said: “We take IT security and the risk of cyber attacks extremely seriously. That’s why we have issued guidance for trustees.
“In light of the cyber incident directed at Capita, we have asked trustees of schemes which employ Capita as their administrator to speak with the company to understand more about the situation and to help determine whether there is a risk to their scheme’s data.
“If a trustee establishes that their scheme has suffered a data loss, they have a duty to notify TPR, other authorities and impacted individuals.
“Our communication requires trustees to read TPR’s and the ICO guidance on cyber and IT security, and to make sure they are familiar with their responsibilities.
“We are also asking schemes to report to us what steps they have taken to ensure their obligations as data controller have been met.”
A Capita spokesperson said: “Since 31 March, we have been in regular contact with trustees and regulators, and we will keep them updated as our investigation into the cyber incident progresses.”
Latest News
-
Looking back: Top 20 most read stories of 2024
-
Looking back: The Pensions Age 2024 financial literacy focus
-
Blog: Are pensions on the naughty or nice list?
-
Research reveals 'strong support' for climate-conscious missions
-
GCB pension scheme completes £20m buy-in using PIC's Mosaic framework
-
PSIG consultation feedback 'encouraging'; 'disappointment' with lack of industry funding
Closing the gender pension gap
Laura Blows discusses the gender pension gap with Scottish Widows head of workplace strategic relationships, Jill Henderson, in our latest Pensions Age video interview
Endgames and LDI: Lessons to be learnt
At the PLSA Annual Conference, Laura Blows spoke to State Street Global Advisors EMEA head of LDI, Jeremy Rideau, about DB endgames and LDI in the wake of the gilts crisis of two years ago
Keeping on track
In the latest Pensions Age podcast, Sophie Smith talks to Pensions Dashboards Programme (PDP) principal, Chris Curry, about the latest pensions dashboards developments, and the work still needed to stay on track
Building investments in a DC world
In the latest Pensions Age podcast, Sophie Smith talks to USS Investment Management’s head of investment product management, Naomi Clark, about the USS’ DC investments and its journey into private markets
© 2019 Perspective Publishing Privacy & Cookies
Recent Stories