Capita plc today published an update on a recent cyber incident that affected access to internal Microsoft Office 365 apps.

Capita says it has continued to work closely and at speed with specialist advisers and forensic experts to investigate and resolve the cyber incident.

As noted previously, the unauthorised intrusion was interrupted by Capita which resulted in the impact of the attack being significantly restricted.

Capita said it understood, based on its own forensic work and that of its third-party providers, that some data was exfiltrated from less than 0.1% of its server estate. Capita has taken extensive steps to recover and secure the customer, supplier and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident.

The company expects to incur exceptional costs of approximately £15m to £20m associated with the cyber incident, comprising specialist professional fees, recovery and remediation costs and investment to reinforce Capita’s cyber security environment.

Capita has also taken further steps to ensure the integrity, safety and security of its IT infrastructure to underpin its ongoing client service commitments.

The company says its underlying trading performance remains in line with expectations. Adjusted group revenue for Core Capita1 for the first four months of 2023 was up by 4.8% year-on-year with Capita Public Service up by 5.0% and Capita Experience up by 4.5%. Sales performance has been strong over the first four months of the year with in-year-revenue wins of £449m, up 16% on the first four months of 2022.