NHS outsourcer Capita says cyberattack cost it up to £20 million

·1-min read
Capita was hit by a ransomware attack in late March  (ROB ENGELAAR/AFP/Getty)
Capita was hit by a ransomware attack in late March (ROB ENGELAAR/AFP/Getty)

NHS and Ministry of Defence outsourcer Capita says the cybersecurity breach that left its staff locked out of their computers could cost it up to £20 million.

The firm, which has 61,000 employees spread across a range of organisations and has received billions in Government contracts, was hit by a ransomware attack in late March, leaving staff unable to access their computers.

Last month, it revealed that some data was likely to have been taken in the attack, though it added today that the data taken was from only 0.1% of its server estate.

“Capita has taken extensive steps to recover and secure the customer, supplier and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident,” it said. “Capita is working closely with all appropriate regulatory authorities and with customers, suppliers and colleagues to notify those affected and take any remaining necessary steps to address the incident.”

Capita has now counted the cost of the breach, including recovery and remediation costs and investment to make sure it doesn’t happen again, at between £15 million and £20 million. The outsourcer says its trading performance before exceptional items like these costs is on-course to meet expectations.

Capita shares are down 0.4p to 33.9p today.

“Hopefully Capita can now draw a line under the cyber incident, the uncertainty arising from which has weighed heavily on the shares,” analysts at Peel Hunt said.