Pension account login

Capita cyber incident

16/08/2024

Wincanton Plc Pension Scheme - Important information about your personal data

Capita provide administration services to the Wincanton Plc Pension Scheme.

This update is about the Capita cyber incident when there was unauthorised access to Capita systems back in March 2023.

As advised previously, we were informed by Capita that this incident likely involved the disclosure of personal data of a number of our members. Those known to be affected at the time received a separate communication from the Trustee of the Wincanton Plc Pension Scheme.

Following the Cyber incident last year Capita, subsequently appointed third-party eDiscovery experts to forensically review the data exfiltrated from the affected servers in order to obtain a more detailed understanding of the personal data contained within it.

They have recently completed that independent review and informed the Trustees of Wincanton plc pension Scheme that the review has identified additional categories of personal data within the exfiltrated data and additional people who were affected by the disclosure personal data as a result of the Cyber Incident in March 2023. We have already provided more specific information to our members who are likely to have been affected by the new information uncovered as a result of the independent review.

We are sorry for any distress this new information may cause you. Please be assured that there has been no ‘new’ Cyber incident to the incident reported in March 2023, this new information has been uncovered by the independent review carried out of the Cyber incident last year.

Steps you can take to protect your personal data

We encourage you to stay alert against any suspicious calls, texts or emails which could be a scam. If you do receive any suspicious messages or calls, please do not hand over any information such as your bank account details. Instead, hang up, or delete any worrying texts or emails. The FCA has some useful information on how to spot the warning signs of financial scams at https://www.fca.org.uk/consumers/protect-yourself-scams

The National Cyber Security Centre has guidance on data breaches at: https://www.ncsc.gov.uk/guidance/data-breaches

Cyber criminals commonly use a scam technique called “phishing”, which is mostly email-based but can also be via telephone calls, to lure victims under false pretences to websites which look legitimate to get them to provide information including bank account and credit card details. These emails/phone calls appear to be from recognisable sources such as banks but actually link to fraudulent websites. Accordingly, we have the following guidance to help reduce the risk of falling foul of these phishing attempts:

  • Protect your email with a strong password (tip: use 3 random words to create a single password that’s difficult to crack).
  • Do not share your password with anyone.
  • Install the latest security updates to your browser software and personal computing devices.
  • If in doubt, do not open emails from senders you do not recognise.
  • Check links look correct before you click on them.
  • Be suspicious of anyone who asks for your bank account or credit card details.
  • If the email contains spelling mistakes, this can be a sign that this is a phishing scam. Do not open the email or attachments.
  • If you think you have been a victim of fraud you should report it to Action Fraud, the UK's national fraud and internet crime reporting centre, on 0300 123 2040.

The Information Commissioner’s Office is the UK's independent body set up to uphold information rights. Its website is a good source of more information about how to protect your personal data online when using computers and other devices: https://ico.org.uk/for-the-public/online.

On behalf of the Trustee of the Wincanton Plc Pension Scheme, I would like to apologise for any inconvenience and concern this new information causes and would like to reassure you that we will continue to do everything we can to work with Capita to make sure support is available for members who are impacted.

If you have any questions regarding this cyber incident, please contact cyberqueries_all@capita.com

Quick links

Latest news

Glossary Terms and conditions Cookies Privacy Sitemap
Retirement Saver Members
Pension Builder Members
Deferred/Retired Members
Close