"ICO Investigating Capita Following Cyber-Attack and Data Breach Incidents"

The ICO (Information Commissioner's Office) is aware of two incidents involving Capita, a company that provides services to organisations. The first incident was a cyber-attack in March and the second involves the use of publicly accessible storage. The ICO is urging affected organisations to check if their personal data has been affected and determine whether or not they must report a data breach within 72 hours. If an organisation decides that a breach does not need to be reported, then they should keep their own record of it and be able to explain why it wasn't reported.