Security News > 2023 > April > Capita IT breach gets worse as Black Basta claims it's now selling off stolen data
Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant.
"We continue to work closely with specialist advisers and forensic experts in investigating the incident," a Capita spokesperson told The Register.
Those regulators and authorities include the UK's Information Commissioner's Office, and an ICO spokesperson confirmed Capita had reported a network intrusion, sorry, "Incident" to the data watchdog.
Over the weekend, the Sunday Times claimed the IT breach was worse than Capita has admitted to date: Capita has played down fears that personal and corporate information was accessed, though it appears the miscreants who broke into the business have started selling off that very kind of data, said to be lifted from Capita's systems.
The crooks claimed the information is merely a sample of what they've stolen from Capita, though as of this weekend, the link to buy the supposedly purloined documents didn't work, we're told.
According to infosec watcher Kevin Beaumont, the data listed for sale also included a Capita Nuclear document, papers marked confidential, internal floor plans of multiple buildings, and security vetting for customers.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/04/18/capita_breach_gets_worse/