Capita fails again in new pensions data breach

In what may be seen as a last straw for confidence in Capita Pensions Solutions, it has been confirmed that a data breach occurred earlier this week due to a failed link supporting the pension portal. The portal was shut down in response but not before 138 users had accessed it, exposing the personally identifiable data of almost a hundred scheme members. The scheme has notified the Information Commissioner’s Office, ministers, and the public accounts committee.

It may take some time before the portal, which will have to be properly tested, is available again.

This was a disappointing end to the Bank Holiday weekend shut down, which was intended to improve the services provided by Capita. It is not yet clear that the interfaces with employer HR and payroll systems are in place. The promised, overdue, annual benefit statement information, which was intended to be available in the portal, has had to be delayed, with a possible knock-on effect on the statements which will soon be due for 2025/26.

The incident comes within a week of the Capita CEO, Richard Holroyd, and Chris Clements from Capita Pensions Solutions, appearing before the public accounts committee (PAC). Their explanation of the level of service to scheme members blamed the complexity of the scheme rules and the huge stockpile of work inherited from MyCSP, but a revealing perspective also came in written evidence to the PAC from the Cabinet Office. The permanent secretary, Cat Little, wrote that Capita did not deliver the full levels of IT, automation and portal functionality which significantly impacted their ability to manage the volumes of work since go-live.

Commenting, PCS general secretary, Fran Heathcote said:

“This is yet another hammer blow to members’ confidence in the administration of their pensions.

“This government came to office promising the biggest wave of insourcing in a generation. With every failure like this, the case for bringing essential services back in-house gets stronger.”