Capita cyber incident: USS members affected
25 May 2023
We are aware that the personal details of USS members may have been compromised in a data breach of Capita servers
Scheme members may have seen an update from the USS Trustee regarding a data breach of Capita servers, and the recommendation from Capita that the working assumption should be that certain data was accessed and/or copied by hackers in the breach.
What personal data has been compromised?
Capita have identified from their investigations that personal data was “exfiltrated” (i.e., accessed and/or copied) by the hackers. The information accessed includes your title, initial(s), and name, your date of birth, your National Insurance number, your USS member number and your retirement date.
All members have been emailed to alert them to this event, and letters are being sent to those members who have not shared their email addresses. Our Pensions Office would like to confirm that you should treat this correspondence as genuine.
Capita confirm that they have taken extensive steps to recover and secure the data as well as monitoring the dark web to confirm that data compromised as a result of this incident is not circulating more widely.
What is being done to protect my personal information?
Both Capita and USS regret that this has happened but they have reiterated that the risk of identity theft is low. However, they are committed to supporting scheme members, who are being given access to identity protection service Experian, free of charge for 12 months.
What is Experian, and how can I access it?
Experian is a very well-regarded multi-national credit reporting and data company. The services they provide allow monitoring of changes to your UK credit record, which would generally occur if your personal details were used to set up new accounts in your name, as well as monitoring of the web (including the “Dark Web”) for certain personal details, which might appear if, for example, they were being sold. You will be sent details on how you can set up your complimentary Experian membership.
Any unsolicited calls from someone claiming to represent USS, Experian, Capita or the University should be treated with suspicion. You should only ever give out personal information if you are absolutely sure you know who you are communicating with.
- USS update, including Q&As USS update, including Q&As
- Capita update: Actions taken to resolve cyber incident
- Email firstname.lastname@example.org if you have any further queries not covered on their website
- You can also call Experian’s FAQ contact centre helpline: 0800 2294005