Computer systems have abruptly stopped working at the outsourcing group Capita, knocking out council phone lines and triggering fears that the company that runs crucial operations for the NHS and the military could be under cyber-attack.
Capita staff are understood to have been unable to access IT systems since the early hours of Friday, and an early investigation has yet to establish the cause.
The outage exposes the vulnerability of critical public services to cyber incidents – and the increasing role of outsourcing companies in delivering those services. Capita is one of the government’s biggest suppliers, with £6.5bn of public sector contracts spanning London’s congestion charge system to recruiting soldiers for the army.
A spokesperson for the company, who was unable to access their own email, said: “We are aware of a technical issue with our systems, which we are investigating.”
In a later statement, issued on Friday evening, a Capita spokesperson said: “We would like to reassure any customers whose services have been affected that we are making good progress and working closely with our technical partners to swiftly resolve the issues.”
Capita’s customers include the London boroughs of Barnet, and Barking and Dagenham, and South Oxfordshire. Their websites displayed messages on Friday saying that phone lines for their benefits, council tax and business rates call centres were down.
Capita also has its own cybersecurity division, and claims to block 1m spam emails a year from entering school networks.
A source familiar with the outage said the National Cyber Security Centre, the Cabinet Office and other government agencies had been alerted to the incident, given the group’s role in sensitive areas such as Royal Navy training centres and security at Ministry of Defence bases.
People at sites including critical national infrastructure have resorted to using radios, pens and paper, the source said.
Some employees still have access to computers and email, and the company said its investigation was in the early stages and that it was too soon to tell if the failure was caused by a cyber-attack.
Capita was still unsure if hackers were behind the outage on Friday afternoon but there is no evidence of a data breach as yet, according to a source close to the company. The problem is chiefly affecting the Office365 program suite, which includes email, Teams virtual meetings and Word and Excel but clients’ systems appear to be unaffected.
According to sources at Capita, company systems went down at 4am but many staff were not aware until they tried to log on at 7am. Employees received a text from the company at 8.45am explaining that there was a company-wide problem.
One staff member, who asked not to be named, said they were unable to log into their laptop, with their usual password rejected as “incorrect”. They said employees could not access Capita’s systems or any other computer programmes.
Staff were told by text: “We are urgently investigating this and will provide you with an update shortly. Please do not attempt to access via VPN or submit password recovery requests.”
The outage, first reported by the Times, triggered concern within the UK government because Capita, which employs more than 50,000 people in the UK, is one of the government’s most important suppliers.
Its public service division, whose main customer is the British government, reported revenues of £1.4bn last year, consolidating its position as a key supplier at the heart of the government’s efforts to improve digital services.
Its largest government customer is the Department for Work and Pensions, which has farmed out £2bn of work to Capita, mostly on its disability payment assessment services. The company has £1.9bn of contracts with the Ministry of Defence, including recruitment for the British army, maintenance at the UK’s Submarine Training Centre, and fire and rescue operations for the Ministry of Defence.
Capita also provides primary care support services for the NHS, electronic tagging for the prisons and probation service, and operates Transport for London’s road-charging system, covering the congestion charge and ultra-low emissions zone. It holds a contract with HM Revenue and Customs to automate some of the tax collection authority’s processes and has a £456m contract with the BBC to collect the licence fee.
TfL, which was Capita’s largest public sector customer in 2021-22, with a spend of £140m, according to the data analysis firm Global Data, said its services had not been affected.
Global Data said Capita was the UK’s third-largest public sector supplier, receiving £465m of public money last year.
The effect on government services is believed to be minimal at present.
A Cabinet Office spokesperson said: “We are aware of an incident affecting some systems within Capita and we are in regular contact with the company as they continue to investigate the issue.”
Capita also provides call centre services for private customers including Thames Water, William Hill, BMW and O2.
A source at one business that uses Capita software for human resources and finance functions said that employees who were already logged in were able to continue using it but those attempting to log in were unable to access their accounts.
Some clients are understood to use their own ringfenced technology systems, which insiders believe should protect them from any impact.
Smart DCC, a subsidiary of Capita that is responsible for Britain’s smart energy meters, said: “The national secure smart meter network is functioning normally, and is unaffected by IT issues that have been reported.”
Capita’s rival Interserve was fined £4.4m for failing to prevent a cyber-attack last year. However, it is not yet clear if Capita’s issues have been caused by hackers.
A Cabinet Office spokesperson said: “We are aware of an incident affecting some systems within Capita and we are in regular contact with the company as they continue to investigate the issue.”
