Capita - Victim of Attack by Russian Cybercriminals (Allegedly)

inspectorperez

Not sure if this is the correct subject area for my post, but perhaps might move it if there is a more suitable location on the forum.

Reason I have posted here is that I know Capita deal with a lot of public pension services as well as there other numerous service lines as the "Goto" outsourcing agent of HMGov.

Reports in the Sunday Times this morning of an alleged attack by Russian Cybercriminals which has resulted in personal bank account details, addresses, passport photos etc being leaked online.

There is clearly some substance in this report, but no official announcement as far as I can see from Capita other than an admission that it had been infiltrated but personal details remain secure..

Times journalists have already discovered a trove of phone numbers, details of bank accounts with sort codes and home addresses.

Specifically mentioned are teaching staff whose names, addresses, mobile phone numbers and other personal details have been leaked.

I'm just wondering in such circumstances what actions (teachers for instance) should be taken to minimise any possibility of becoming victims of fraud like identity theft or fraudulent loan applications etc etc. Maybe some forumites have already had experience of such events and it would be interesting to hear what actions they took.

Marcon

Starter for 10: https://www.met.police.uk/advice/advice-and-information/fa/fraud/personal-fraud/identity-fraud/

hugheskevi

I had identity theft earlier this year, with multiple credit card and loan applications made in my name.

I monitor all 3 credit reference agencies, which is how I became aware of the issue. I proactively contacted all the companies shown as having applications. This was a big pain, with long waits and more often than not staff who couldn't care less and didn't have a process to follow as all their procedures centre around existing customers, although there were a few notable exceptions who were very competent. There were also fraudulent applications for insurance, and all of the insurance companies couldn't care less and it wasn't worth contacting them, hard to contact most too due to obscure names on credit reference searches.

Within a couple of months all applications were  removed from credit references and CIFAS markers added to credit records. There were a few lingering issues such as new connected addresses not being removed when applications were removed, so fully sorting out records required careful monitoring and chasing. 

Prudent to also change all passwords regularly.

squirrelpie

hugheskevi said:

I had identity theft earlier this year, with multiple credit card and loan applications made in my name.
...
Within a couple of months all applications were removed from credit references and CIFAS markers added to credit records.

Is a CIFAS marker a good thing? I hadn't come across them so googled and they seem to be something people try to get rid of. But it sounds like you think they're a good thing in your case. Can you clarify please?

hugheskevi

squirrelpie said:

hugheskevi said:

I had identity theft earlier this year, with multiple credit card and loan applications made in my name.
...
Within a couple of months all applications were removed from credit references and CIFAS markers added to credit records.

Is a CIFAS marker a good thing? I hadn't come across them so googled and they seem to be something people try to get rid of. But it sounds like you think they're a good thing in your case. Can you clarify please?

It is both good and bad, although there are different types of markers.

In my case, the 'victim' marker simply informs anyone who checks that there is a higher-than-usual risk of fraud, so additional checks are likely. As part of the marker, you can also add a password, which lenders have to ask the applicant for to verify that it is you. After two years the marker is removed. This is obviously more phaff in an application, but if it avoids fraudulent applications then that is a good thing.

There are other CIFAS markers that would not be at all good to have, eg, if you were the perpetrator of fraud.