Thousands of miners have had their personal details stolen in a cyber attack on their pension fund – but only found out more than two months after they were hacked.
Members of the Miners Pension Fund (MPS) were informed in April that Capita had confirmed a “limited amount of data” had been compromised in a breach.
And earlier this month the MPS confirmed that personal data of members had been affected by the breach.
Read more: Man jailed after admitting carrying out sex act while holding baby seagull
But former pitmen only received a letter this week revealing their surname, initials, national insurance number, pension references and tax codes had been accessed in the hack.
Outsourcing firm Capita runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March.
Capita’s systems are used to administer pension funds for several large firms, including Royal Mail and Axa, covering millions of policyholders.
The attack prompted the Pensions Regulator (TPR) to write to more than 300 pension funds to ask them to check whether data had been stolen by hackers.
In a statement, dated June 6, the MPS said: “Following a detailed investigation, Capita has confirmed that unfortunately the incident may have affected the security of personal data for our members who are currently receiving their pension.
“Capita cannot be certain that any MPS data has been compromised, but we believe it’s appropriate to act as if this is the case and warn affected members about the potential risks. There is the possibility that if personal data is accessed it could be used for fraud, identity theft or to send malicious emails.
“We will issue a letter to all members who may be affected providing further information and support.
“We would like to say how sorry we are that this has happened. We take the responsibility of protecting members’ personal data very seriously and we have sought information about what Capita has done to improve the security of personal data and avoid a future incident.
“We want to reassure you that your pension remains secure.”
The letter sent to former mine workers and seen by The Northern Echo says Capita was initially “unable to confirm whether scheme data had been impacted".
It adds: “There is a possibility that if the information is accessed it could be used for fraud, identity theft, or to send malicious emails."
Ex-miner and Durham Miners’ Association leader Alan Cummings, 76, who worked at Easington Colliery for 35 years before its May ’93 closure, told The Northern Echo: “I only got this letter from them yesterday but it happened two months ago.
“It’s really worrying that people’s bank details are at risk.
“Lots of them are elderly and won’t have known until they got this letter or what happened. Some of them don’t have any family or have internet banking so how would they know if their bank had been accessed.
“I don’t believe that they only know now what details were taken.”
Capita previously said it had taken steps to secure the data and that it was working with the relevant authorities, suppliers, and customers to notify those affected and address the incident.
Read next:
- Ex-Cleveland Police officer offered homeless woman £10 for sex act, tribunal hears
- Police trying to trace Darlington school's former deputy head in investigation
- Teacher used homophobic slur towards student then said he meant it as a joke
Get more from The Northern Echo with a Premium Plus digital subscription from as little as only £1.50 a week. Click here
It also said it was working to ensure the “integrity, safety and security” of its systems.
Capita said it faces a bill of up to £20 million to deal with the incident, including for recovery and remediation costs and to invest in reinforcing its cyber security defences. MPS members are not expected to be compensated.
A Capita spokesperson said: “Capita continues to work closely with specialist advisers and forensic experts to investigate the incident and we have taken extensive steps to recover and secure the data.
“We are now informing those we have identified to be affected. We are working to provide our clients with information, reassurance and support, while delivering for them as a business. In instances where we need to provide further support to those affected, we will do so.”
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel