We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Capita Confirms Data Stolen in Ransomware Attack

Capita Confirms Data Stolen in Ransomware Attack
Author Image Keira Waddell
Keira Waddell Published on 25th April 2023 Senior Writer

Capita, an outsourcing firm based in London, has released an update confirming that hackers stole data from its systems in a cyber incident that occurred in March. Capita provides critical services to various UK government departments, including the NHS, the military, and the Department for Work and Pensions. However, the company has not disclosed how many clients have been affected or the type of data accessed.

According to Capita’s statement, security specialists discovered that the hackers accessed around 4% of the company’s infrastructure.The statement confirms that there is proof of a small-scale data exfiltration from the impacted systems, which may include customer, supplier, or employee data.

Capita is conducting an ongoing investigation into the incident and has committed to providing updates if any evidence emerges that could potentially affect its customers, suppliers, or employees. The company initially did not reveal much about the nature of the attack when it was first disclosed at the end of March.

The most recent update reveals that the hackers obtained unauthorized access to Capita’s systems on 22nd March and continued their activity until 31st March, when the company became aware of the ongoing breach and interrupted it.

The outage caused by the attack prevented access to Capita’s internal Microsoft Office 365 applications and reduced the availability of client systems, including those of state organizations in the UK.

The Black Basta ransomware group posted Capita on its site on the dark web using a private link on 17th April, threatening to sell stolen data unless a ransom was paid. Among the data samples posted by Black Basta were personal bank account details, physical addresses, passport scans, and other sensitive information. The group is also believed responsible for a recent attack on US satellite television provider Dish.

The company has not confirmed whether these claims are valid or provided public comment on Black Basta’s allegations. Capita’s entry on Black Basta’s site is still private, which Bleeping Computer has suggested might mean that the ransom payment is currently being negotiated. A spokesperson for Capita declined to comment on the allegations or whether the company has had any communication with the threat actors.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.