Manchester-based law firm Barings Law has become the first in the country to issue a case against Capita at London’s High Court in response to a data breach that could affect millions of people.
Barings initially sent a letter of claim to the outsourcing giant in June last year, outlining their case and client concerns.
On Friday, the firm issued their case against Capita in the High Court of England and Wales and officially triggered legal proceedings.
In just a few months, Barings Law has signed up more than 5,000 people who suspect their personal data may have been compromised by the breach and is currently fielding up to 50 enquiries per day from concerned members of the public.
Investigations carried out by the firm have revealed alarming potential breaches of personal information, including compromised emails, passports, residential addresses and even illicit Uber Eats and Just Eat orders placed on people’s bank accounts which have gone unnoticed for weeks.
The cyber-attack in March, which Capita has still denied liability for, also targeted people’s pensions which were administered via Capita’s systems, resulting in individuals falling prey to phishing attempts, fraudulent calls and emails purportedly from their providers.
Following the incident, The Pensions Regulator made contact with more than 300 funds, encouraging investigation into whether their personal data had been compromised.
The Universities Superannuation Scheme (USS), which is a pension fund for universities, began notifying its approximately half a million members about the risk.
Barings Law’s head of data breach, Adnan Malik, said: “Our High Court action speaks volumes, echoing the concerns of thousands of distressed individuals whose privacy was jeopardised. It’s time to ensure that corporations prioritise safeguarding the digital trust we all rely on.
“Data breaches are not just about ones and zeros; they’re about lives and the trust people place in organisations.
“The Capita data breach isn’t just a case; it’s a wake-up call for corporations to prioritise the protection of sensitive information, and we won’t rest until justice is served.
“This could be one of the biggest data breaches this country has ever experienced and we’re receiving a staggering number of enquiries.
“Aside from people’s pensions being affected, the testimonies from our clients reveal some very concerning details ranging from potential huge financial impact to highly sensitive details being compromised.”
Capita, which looks after services for the military, local councils and the National Health Service, estimates the financial impact of the hack could be £20m.
This was the second breach the company experienced after it had left some data unsecured online, resulting in thousands of individuals reporting their concerns.
The Information Commissioner’s Office (ICO) has reported around 90 organisations having been in touch regarding the breach, despite Capita assuring the public that measures have been taken to secure the affected data.
Malik added: “In the aftermath of the initial breach, one would hope for Capita to strengthen their defences. Yet, here we are, witnessing innocent lives plunged into disarray through circumstances entirely beyond their control.
“While acknowledging Capita’s own victimisation in this cyber-attack, the projected £20 million it will cost them, though substantial, appears almost trivial given their ample resources.
“Conversely, our resilient clients, who’ve poured their sweat and soul into life’s endeavours, now confront the heart-wrenching reality of losing everything they’ve worked so tirelessly to build.
“We’ve committed to taking this case all the way because every individual affected by the Capita data breach deserves more than legal representation—they deserve unwavering advocacy, and that’s precisely what we’re here to deliver.
“Our pursuit of justice doesn’t just send a message; it roars one into the void—data breaches exact a toll that reverberates and serves as a poignant reminder, urging companies to imbue their actions with empathy, to safeguard personal data they hold.”