Capita, a major outsourcing company with £6.5 billion in public sector contracts, has confirmed that a cyber attack caused IT outages for some of its services on March 31. The attack affected the company’s internal Microsoft 365 applications, resulting in disruptions to some services provided to individual clients. While the majority of the company’s client services remained in operation, some customers also reported issues accessing Microsoft 365, Office, and Teams.
Capita claims that its security monitoring alerted personnel to the issue, and they took immediate steps to isolate and contain it. The company said that it has restored Capita colleague access to Microsoft Office 365, and it is making progress in restoring remaining client services securely and in a controlled manner. However, the company has not disclosed how or when the attackers gained internal entry, which parts of the business were affected, or the specific customers whose services were downed. Capita’s contracts with 415 organizations, worth £700 million, are due to expire between 2022 and 2025, which may be affected by this security incident.