cyber attack

Capita, the outsourcer which holds contracts worth billions of pounds for the NHS and BBC, said it was hit by a cyber attack which caused its computer systems to grind to a halt.

The company said on Monday it was beginning to restore its services which prevented most of its 61,000 staff from being able to work on Friday as they were unable to log into its systems.

Capita said in a statement to investors that there was “no evidence of customer, supplier or colleague data having been compromised”.

It added: “Our IT security monitoring capabilities swiftly alerted us to the incident, and we quickly invoked our established and practised technical crisis management protocols.”

Capita said it is restoring access to its Microsoft Office 365 services, used to provide business-critical programmes to staff such as spreadsheets, email and word processing software.

Capita runs outsourced IT services for substantial parts of the NHS, including many NHS Trusts that oversee hospitals as well as some local GP surgeries.

It also holds a £456m contract to collect and enforce the BBC TV licence fee, runs military recruiting processes for the Ministry of Defence.

On Friday its staff reported seeing correct passwords rejected by Capita’s IT systems when they tried to log in.

Text messages were also sent by Capita to its employees warning them not to try logging in with security-enhancing virtual private networks (VPNs) or to attempt to change their passwords.

The Cabinet Office, which works closely with Capita because of the number of public sector contracts Capita holds, has been contacted for comment.

Microsoft did not comment on Capita’s suggestions that its cloud-based Office 365 service was to blame for the widespread outage.

The public Office 365 status page on Microsoft’s website, showing whether the IT service has gone offline or suffered a drop in service, has shown no sign of any problems.

Office 365 can be installed on a company’s own computer servers instead of running from Microsoft’s cloud service.

One area of potential weakness in Microsoft Windows-based computer networks is the Active Directory user account folder, which holds details of every user account on that network.

A botched IT upgrade or a deliberate cyberattack can corrupt or delete that folder, leaving users unable to log in or change their passwords.