USS — the UK’s biggest private sector pension plan — has warned that the personal data of around half a million members may have been stolen during a cyber attack on outsourcing group Capita.
The USS uses Capita’s technology to support its administration processes. Last month, Capita confirmed it had suffered a cyber attack in late March.
In an update to members on Friday, the USS said “regrettably details of USS members were held on the Capita servers accessed by the hackers.” The personal data potentially accessed included members’ names, dates of birth, and national insurance numbers, said USS.
The details, dating from early 2021, covered around 470,000 active, deferred and retired members.
“We are sorry that member data has been accessed in this way,” said the USS.
“We are proactively engaging with Capita in respect of their ongoing investigations and are considering the next steps available to us. We also continue to engage with them about the ongoing support they will be providing to those affected.”