Security News > 2023 > May > More UK councils caught by Capita's open AWS bucket blunder
The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March's mega breach.
Alison Parkin, director of financial services at Derby CC, said Capita supported its council tax and benefits service, and data left exposed was collected in early 2021.
"A spokesperson for Coventry CC told us it had been"belatedly informed that there has been a potential historic data breach by our financial services contractor Capita.
"The council is committed to ensuring Capita works with us to fully understand if there has been any data breach and to implement measures to prevent a similar incident from occurring in the future. We are waiting for further clarification from Capita."
Capita is also dealing with a security incident from March, one in which its systems were broken into by criminals that stole data that Capita previously said was contained to a 0.1 percent of its server estate.
Included in the servers accessed was pension data, and Capita has since written to clients warning that is a chance their data was exfiltrated.