The Pensions Regulator (TPR) has written to pension schemes that use Capita as their administrator following a cyber incident at the company at the end of March.
In April 2023, Capita issued a statement confirming that it had experienced a cyber incident and that there was evidence of “limited data exfiltration from the small proportion of affected service estate which might include some customer, supplier or colleague data”.
The firm stated that it is continuing its investigations and would inform any customers, suppliers or colleagues that were impacted.
Following the incident, TPR wrote to pension schemes using Capita for administration services, asking trustees to inform TPR of the steps they have taken to make sure that members' data is protected.
The regulator also asked trustees to speak to Capita as to whether there was a risk to scheme data and reiterated the importance of having robust cyber security measures in place.
Commenting on the regulator’s communications with schemes, a TPR spokesperson said: “We take IT security and the risk of cyber attacks extremely seriously. That’s why we have issued guidance for trustees.
“In light of the cyber incident directed at Capita, we have asked trustees of schemes which employ Capita as their administrator to speak with the company to understand more about the situation and to help determine whether there is a risk to their scheme’s data.
“If a trustee establishes that their scheme has suffered a data loss, they have a duty to notify TPR, other authorities and impacted individuals.
“Our communication requires trustees to read TPR’s and the ICO guidance on cyber and IT security, and to make sure they are familiar with their responsibilities.
“We are also asking schemes to report to us what steps they have taken to ensure their obligations as data controller have been met.”
A Capita spokesperson said: “Since 31 March, we have been in regular contact with trustees and regulators, and we will keep them updated as our investigation into the cyber incident progresses.”
Recent Stories