A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues.
Capita has confirmed a data breach affecting the UK Civil Service Pension Scheme (CSPS), exposing the financial data of nearly 140 members through its online portal. The incident, which occurred on 30 March 2026, allowed some users to view annual benefit statements (ABSs) belonging to other members, raising concerns over data privacy and system integrity.
According to Capita, the issue lasted for approximately 35 minutes before it was identified and addressed. The company immediately suspended the ABS functionality on the portal to investigate and resolve the problem, and the feature remains offline at the time of reporting. All affected individuals were contacted on 3 April, while members who did not receive communication have been assured they were not impacted.
A Capita spokesperson acknowledged the incident, stating that the company acted swiftly to contain the issue and has since launched a full investigation. The spokesperson also issued an apology, emphasizing that protecting members’ personal data remains a top priority for the organization.
The Cabinet Office has also responded to the breach, confirming it is working closely with Capita to determine the root cause and ensure appropriate corrective measures are implemented. A spokesperson noted that while the number of affected individuals is relatively small, the matter is being treated with utmost seriousness, with further action under consideration if necessary.
The incident has drawn criticism from union representatives, with Dominic Hook, national officer at Unite, expressing strong concerns over Capita’s handling of the pension scheme. He stated that the breach adds to a series of failures and called for the government to reconsider outsourcing arrangements, urging that the CSPS be brought back under direct public control.
The breach comes amid ongoing challenges in Capita’s administration of the CSPS, which it assumed responsibility for in December 2025 under a seven-year contract valued at £239 million. At the time of transition, Capita inherited a substantial backlog, including tens of thousands of unresolved cases and unread communications, placing immediate pressure on service delivery.
Richard Holroyd, head of Capita’s public services unit, recently informed MPs that the company has made progress in addressing these issues, having cleared over 145,000 cases since taking over the contract. He indicated that while improvements are underway, full service normalization is expected in the coming months.
Despite these efforts, the broader administration challenges have already impacted pensioners, with reports of delayed payments and service disruptions. The latest data breach further intensifies scrutiny on Capita’s ability to manage sensitive public sector pension systems securely and effectively.
As investigations continue, the incident highlights the importance of robust data protection measures and operational oversight in managing critical government-backed financial systems, particularly those serving millions of public sector workers.
Recommended Cyber Technology News :
- Eurail Data Breach Exposes Passport Data of 308K Users
- Data Breaches Hit ProxyCare, Oscar Health, AccentCare
- Hims & Hers Data Breach Raises Telehealth Security Risks
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
