Another security calamity for Capita: An unsecured AWS bucket Capita is facing criticism about its security hygiene on a new front after an Amazon cloud bucket containing benefits data on residents in a south east England city council was left exposed to the public web. Colchester City Council said on Monday it had launched a probe following the discovery of the open storage bucket, and …
As I said on the USS debacle, there has to be immediate sanctions against the company so that they are severely constrained.
The also has to be some sort of disclosure process so that auditors can see just how many eggs are in one (incompetent) basket. This is going to keep being repeated until it reaches the point there is simply not secure data. It will all be in the public domains.
Data matching services can already stick huge amounts or publicly available and stolen data together to make highly valuable data sets.
We require all parties involved in the handling of sensitive information to adhere to the highest standards of data protection and it is unacceptable that Capita has failed to meet these required standards. As a result, we are considering what further action may be appropriate regarding Capita.
The "appropriate action" no doubt will be to award them another lucrative contract, while they employ a few former senior council workers at exorbitant rates to sell their wares to other councils. And thus the cycle of chaos continues.
It’s just one fuckup after another with these clowns.
They should be barred from tendering for any public projects on the grounds that they are a bunch of incompetent fuckwits incapable of installing Linux on a laptop without missing the delivery date, running over budget, or meeting the requirements, the laptop would come with Windows instead of Linux.
My 96 year old mum could do a better job than Crapita and she has been dead the past two years.
Open bucket for 7 years apparently!
Security researcher finds trove of Capita data exposed online
Receive letter today from Unilever Pension fund that their scheme administered by Crapita may have been compromised. Data includes pension ID and banking details. 12 months free Experian monitoring for free . Guess that is worth sweet FA ( https://www.theregister.com/2022/07/12/experian-account-hijack-krebs/ )
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
