Capita Cyber Incident update

07 May 2024

In March last year Capita, who provide our pension administration services, experienced a cyber incident which affected the security of some members’ personal data. The incident predominantly affected data relating to members who are currently receiving their pension from the Scheme.

We are very sorry to have to report that further data and some additional people were identified in a recent independent forensic review commissioned by Capita.

We have been contacting everyone who is affected, with the latest letters issued at the beginning of May 2024, to confirm the position that applies to them personally.

One of the measures implemented by Capita was to offer to those impacted a free 12-month membership of an Experian fraud monitoring service. It was reassuring to see many members have already decided to take up this service.

In light of the recent forensic review, and following feedback from a number of pensioners, we are now taking steps to extend the Experian service and/or give affected members another voucher code to sign up if they haven't done so already. Further information about this is provided in the letters sent to affected members.

We would remind all our members to be extra vigilant for unusual activity on their accounts, including suspected phishing emails, and other potential scams and/or fraudulent activity. Have a look at the Government National Cyber Security Centre's guidance on data breaches. The FCA also has some useful information on how to spot the warning signs of financial scams.

Please remember:

  • If you receive an unsolicited call or other contact from someone, only give out your personal information if you are happy that the person contacting you is who they say they are.
  • Be careful with unexpected emails or texts, especially if they ask you to click on a link or enter your login details or passwords.
  • Check your bank statements for any signs of unusual activity in recent weeks and consider checking for any new credit files or credit searches in your name which you don't recognise.
  • If in doubt – stop and think. Hang up or end the conversation if you need to. Contact your bank or financial services provider directly if you aren't sure. If you have any suspicions at all, please don't give out any information or bank details. Just hang up or delete the worrying text or email.

If you have any concerns, please consider contacting your bank, in order that as a minimum they can put an appropriate note on their records. Your bank may also be able to help you with other steps you can take to help protect your account, such as changing PIN numbers, security questions or passwords and reviewing direct debits, standing orders and other payments in and out of your account.

Here are some other suggestions that may help you protect yourself and your information against scammers:

  • Protect your email with a strong password (tip: use 3 random words to create a single password that’s difficult to crack).
  • Do not share your password with anyone.
  • Install the latest security updates to your browser software and personal computing devices.
  • If in doubt, do not open emails from senders you do not recognise.
  • Check links look correct before you click on them.
  • Be suspicious of anyone who asks for your bank account or credit card details.
  • If the email contains spelling mistakes, this can be a sign that this is a phishing scam. Do not open the email or attachments.
  • If you think you have been a victim of fraud you should report it to Action Fraud, the UK's national fraud and internet crime reporting centre, on 0300 123 2040.

It should be stressed that the Trustee takes the responsibility of protecting member data very seriously. The Trustee, with the support of AXA UK, is presently working with Capita to review the cyber incident and assess the remediation actions that have been taken. This involves a number of activities, including AXA UK’s Business Security Team assisting the Trustee with a detailed IT security assessment. Alongside this, Capita will be continuing to liaise with the Trustee to provide further information and assurances. While all of this work is ongoing, our incident response remains open. We hope to bring it to a conclusion in the coming months.

Capita have also informed us that:

  • Capita’s independent third-party advisors have found no evidence of threat actor activity since 31 March 2023, and their assessment is that Capita’s security posture is high.
  • Capita worked in close partnership with Microsoft and Government bodies following the incident. The partnership provided further insight and Capita have been able to leverage this significantly as part of the investigation into the tactics and techniques employed by the threat actor and the resultant remedial activities.

We’ve also created a set of FAQs about the cyber incident which you may find useful.

If you have any questions regarding the cyber incident, please contact Capita at cyberqueries_all@capita.com or 0800 229 4005 (Monday to Friday – 08.30am to 5.30pm).

The AXA Pensions Team is available (at pensiontrustees.uk@axa-uk.co.uk); however, we would ask that you contact Capita in the first instance.
