The UK’s data watchdog has fined outsourcing firm Capita £14m after the personal data of 6.6 million people was stolen in a cyber-attack.
The Information Commissioner’s Office (ICO) said Capita “failed to ensure the security of processing of personal data which left it at significant risk”. The fine was originally set at £45m but reduced after discussions between Capita and the watchdog.
Read more…
Source: BBC News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK Foreign Office was victim of cyberattack
December 19, 2025
The UK Foreign Office was hacked in October, a minister has admitted, raising fears that thousands of confidential documents and data may have been compromised. While ministers are “pretty confident” that visa applicants’ details have not been accessed, they have admitted that they are not confident about the identity of the hacker. Sources told The Sun ...
- UK: NHS GP software supplier hit by cyber attack
December 19, 2025
DXS International which provides healthcare technology for the NHS has disclosed a cyber attack, which has led to data being stolen. The UK-based company provides software that helps to reduce costs for doctors and primary care physicians and is used by around 2,000 GPs which oversee the care of around 17 million patients. In a filing ...
- LastPass 2022 Data Breach — 1.6 Million Users Exposed By Security Failure
December 14, 2025
Any data breach affecting 1.6 million people is big news, especially when it involves one of the most prominent password managers out there: LastPass. The U.K. Information Commissioner’s Office has just fined LastPass £1.2 million ($1.6 million) for failing to “implement sufficiently robust technical and security measures, which ultimately enabled a hacker to gain unauthorised access ...
- UK: Information Commissioner’s Office reprimands Post Office for data breach
December 4, 2025
The Information Commissioner’s Office (ICO) has issued a reprimand to the Post Office following a data breach that resulted in the unauthorised disclosure of personal information belonging to hundreds of postmasters involved in the Horizon IT scandal. The breach occurred when the Post Office’s communications team mistakenly published an unredacted version of a legal settlement document ...
- NHS Highland staff ‘poor practice’ sparks fears of heightened risk of a major cyber attack
December 1, 2025
NHS Highland is at heightened risk of falling prey to a major cyber attack in part due to “poor practice” by some staff members. The warning, contained in a report to the board assessing risk levels faced in a range of areas against what is deemed an acceptable level of risk, comes as the busy ...
- Multiple London councils hit by ‘cyber attack’
November 26, 2025
Several London councils have been hit by a “cyber attack” which could have compromised residents’ data. Kensington and Chelsea, Hammersmith and Fulham, and Westminster City councils said they have been responding to a “cyber security issue” since Monday morning. The councils, which share a number of IT systems, added they are working with the “help of ...