Frequently asked questions

  • Cyber incident

  • Summary

    In March 2023, Capita, who are the administrator of the AXA UK Group Pension Scheme (the "Scheme"), experienced a cyber incident. Our Scheme was among those pension schemes that were affected, because members' personal data was held on Capita's computer systems that were affected by the cyber incident.

    We understand that the incident predominantly affects some personal data relating to people who were receiving pensions from the Scheme (we understand that only a very small group of others were impacted).

    We contacted everyone who was affected, with the latest letters issued at the beginning of May 2024.

  • Could any more of my data be at risk?

    The affected data has now been subject to an internal review by Capita and a thorough external check by an independent third party appointed by Capita to verify that all affected people and data have been identified. Both these reviews are now complete and so we understand that Capita do not expect to have to announce that any other Scheme data is at risk. We have written directly to all impacted members to explain how they are affected personally.

  • What immediate actions did the Trustee take?

    The Trustee has an incident response plan for situations like this, which we launched as soon as we were notified about the incident.

    The Trustee's initial priority was to understand what data was taken and to contact affected members directly, as quickly as we could, to provide more information and guidance, including sources of further assistance.

    The Trustee also notified the Information Commissioner's Office (ICO) of a data breach and notified the Pensions Regulator, in line with legal requirements. AXA UK also kept other regulators updated as needed.

  • What is the Trustee doing now?

    The Trustee takes the security of data very seriously. The Trustee's Incident Response Team has continued to progress a number of key actions on behalf of the Trustee and members, in order to provide increased assurance as to the security of data. This included an evidence-based security assessment of Capita’s technical and organisational controls, which was undertaken by AXA UK’s IT Security Team. Capita also commissioned an external audit of their response to the cyber incident and arranged for an external penetration test of Capita’s IT perimeter. The AXA UK IT & Business Security Teams continue to support the Trustee in identifying whether any further steps are required.

  • I have seen the ICO has issued a penalty notice to Capita. What does this mean?

    On 15 October 2025, the Information Commissioner's Office issued a penalty notice to Capita in relation to the 2023 cyber incident. For clarity, there have been no new developments in relation to the cyber incident itself in terms of the data that was impacted. The ICO's investigation made a number of findings, including that, in 2023, Capita had failed to implement appropriate technical and organisational measures to safeguard the data they held.

    The ICO's penalty notice states that Capita, aided by Microsoft, has since made a number of significant improvements to security following the cyber incident. The ICO also notes that Capita has since put in place much more robust systems and has doubled the number of Security Operations Centre analysts at Capita's disposal to deal with cyber security threats.

    The Trustee is reviewing the penalty notice issued to Capita, and will take the ICO's conclusions into consideration in determining whether any further steps are required.

  • What assistance are the Trustees providing?

    Affected members were initially given an option to take out a free 12-month membership of an Experian fraud monitoring service. Following the results of the external review in 2024 and member feedback, the Trustee then decided:

    1. to meet the cost of issuing new Experian codes to those affected members who have not previously signed up for the free Experian service.
    2. to write to those members who had originally signed up for the Experian service to extend their membership by a further year.

    After careful consideration, the Trustee decided not to further extend the coverage. Capita has told the Trustee that it has no evidence that any of the information impacted as a result of the 2023 cyber incident has been misused or made available illegally. In addition, AXA UK's Business Security Team has been conducting its own checks and has no reason to believe that the information is on the dark web. No member has shown that they have been financially impacted by the incident.

  • If I have a query, can I speak to someone and will they be able to take my call?

    Capita have previously arranged for further resources to be added to their contact centre. If you have any questions regarding the cyber incident, please contact cyberqueries_all@capita.com or 0800 229 4005 (Monday to Friday – 08.30am to 5.30pm).

    Capita have previously assured the Trustees that sufficient resources will be able to support members in relation to the 2023 cyber incident.

  • When was the incident at Capita and could the Trustees have told me sooner?

    Capita informed the Trustee that the incident arose following initial unauthorised access on or around 22 March 2023 which was interrupted by Capita on 31 March 2023. Capita made a formal notification to the stock market on 3 April noting that there was some evidence of a limited transfer of data from their servers and that Capita were investigating the data breach to identify those that were impacted.

    On 17 May 2023, Capita first informed the Trustee that some Scheme data was taken. On 2 June 2023 we were informed that some additional data had also been taken.

    In the period up to 2 June 2023, Capita were still carrying out their internal investigation to check for any impacts on Scheme data, and we kept in regular contact with them so that we could update members as quickly as possible if there were any relevant developments.

    Following each of these notifications (on 17 May and 2 June 2023), we needed to gather further information (including obtaining Experian codes) and take the steps necessary to contact members as quickly as we could.

    After reviewing the affected data themselves, Capita commissioned an independent third party review to check the data.

    This external check of the affected data by the independent third party reviewer reported back to us in spring 2024 and unfortunately it identified that some new or additional data had been affected. We are sorry that it took a long time to identify this, but the external review was very thorough and so it took a long time. Extensive work was required to finalise the external check of data including the removal of duplicate results. This was monitored and regularly chased by the Trustee and AXA UK. Once we received the completed results of the external check with details of the new and additional impacted data, the Trustee endeavoured to issue communications to affected members as soon as possible.

  • Are AXA and the Trustee carrying out their own checks?

    The Trustee has been fully supported by AXA UK’s Business Security and Data Protection/Privacy Teams who have been conducting their own checks to help determine if any AXA data has entered the dark web.

  • Are Capita's systems secure now?

    Capita have publicly stated that they have restored impacted services. Capita have confirmed to the Trustee that they have received independent assurance from third party IT experts that Capita’s systems are secure and robust again.

    The ICO's penalty notice states that Capita, aided by Microsoft, has made a number of significant improvements to security following the 2023 cyber incident. The ICO also notes that Capita has since put in place much more robust systems and has doubled the number of Security Operations Centre analysts at Capita's disposal to deal with cyber security threats.

    The Trustee is reviewing the penalty notice issued to Capita, and will take the ICO's conclusions into consideration in determining whether any further steps are required.

  • Is the cyber incident over?

    Capita have confirmed to the Trustee that they have received independent assurance from third party IT experts that Capita’s systems are secure and robust again.

    We will provide further updates as needed if there are any additional relevant developments to report in relation to the Scheme.

  • What due diligence did the Trustees and AXA UK take on an ongoing basis?

    In 2022, an external consultancy firm, commissioned by the Trustee, performed a review of Capita’s systems, specifically in relation to cyber security. In addition, the AXA IT security team undertake periodic reviews of Capita’s systems.

    The AXA UK IT Security Team undertook a more detailed, evidence-based security assessment of Capita’s technical and organisational controls at the end of 2024, to help reassure the Trustees that Capita’s systems are suitably secure. The AXA UK IT & Business Security Teams continue to support the Trustee in identifying whether any further steps are required.

  • Will Capita/Trustee indemnify me for any loss incurred as a result of this incident?

    If you believe that you have suffered a loss as a consequence of this incident, you can use the existing procedures to raise a complaint, detailing any loss incurred. We would give appropriate consideration to any such complaint, and would expect Capita to do the same.

  • Can the Trustee give me any guidance on keeping my data safe?

    We would remind our members to remain extra vigilant for unusual activity on their accounts, including suspected phishing emails, and other potential scams and/or fraudulent activity.

    Have a look at the Government National Cyber Security Centre's guidance on data breaches.

    The FCA also has some useful information on how to spot the warning signs of financial scams at https://www.fca.org.uk/consumers/protect-yourself-scams

    We would encourage members to only ever give out personal information if they are absolutely sure they know who they are communicating with.

    • If you receive a suspicious email, you should forward it to report@phishing.gov.uk
    • For text messages and telephone calls, forward the information to 7726 (free of charge).
    • For items via post, contact the business concerned.
    • If there are any changes to your National Insurance information, HM Revenue & Customs would contact you – but you can also phone them on 0300 200 3500.

    Remember:

    • If you receive an unsolicited call or other contact from someone, only give out your personal information if you are happy that the person contacting you is who they say they are.
    • Be careful with unexpected emails or texts, especially if they ask you to click on a link or enter your login details or passwords.
    • Check your bank statements for any signs of unusual activity in recent weeks and consider checking for any new credit files or credit searches in your name which you don't recognise.
    • If in doubt – stop and think. Hang up or end the conversation if you need to. Contact your bank or financial services provider directly if you aren't sure. If you have any suspicions at all, please don't give out any information or bank details. Just hang up or delete the worrying text or email.

    Here are some other suggestions that may help you protect yourself and your information against scammers:

    • Protect your email with a strong password (tip: use 3 random words to create a single password that’s difficult to crack).
    • Do not share your password with anyone.
    • Install the latest security updates to your browser software and personal computing devices.
    • If in doubt, do not open emails from senders you do not recognise.
    • Check links look correct before you click on them.
    • Be suspicious of anyone who asks for your bank account or credit card details.
    • If the email contains spelling mistakes, this can be a sign that this is a phishing scam. Do not open the email or attachments.

    If you think you have been a victim of fraud you should report it to Action Fraud, the UK's national fraud and internet crime reporting centre, on 0300 123 2040.

  • What should I do if I think I may have been scammed?

    If you think that you may have been the victim of a scam, or that someone has attempted to carry out a scam, there are a number of things you can do:

    Get in touch

    If the scam relates to your Scheme benefits, please contact Capita on 0370 1234 701 or at AXA-pensions@capita.com

    Report it!

    You can make a report to Action Fraud (the National Fraud & Cyber Crime Reporting Centre) on 0300 123 2040 or at actionfraud.police.uk

  • Did the Trustee notify the Information Commissioner’s Office (ICO) of the 2023 cyber incident?

    Yes, the Trustee reported the 2023 cyber incident to the ICO and kept them informed of developments.

  • Has the Trustee informed the Pensions Regulator, the Financial Conduct Authority & PRA?

    Yes. The Trustee kept the Pensions Regulator up to date about our response to this incident.

    Whilst this incident relates to Scheme data and not AXA customer data, AXA UK also kept its regulators updated.

  • Should the Capita Contract be reviewed?

    As with all of the Trustee's service providers, Capita's performance is monitored and reviewed. The Trustees will carefully take on board feedback received in relation to the Capita contract.

    The Trustee will also take into consideration the improvements made by Capita to its systems and processes.
