Capita Data Breach Compensation – Can I Make A Claim?

By Cat Mulligan. Last updated 27th October 2023. In this guide, we look at the potential steps you could take should you wish to claim Capita data breach compensation.

In this guide, we discuss the two incidents involving Capita. The first took place in March 2023, and affected a range of organisations, including the Universities Superannuation Scheme (USS). The second Capita data breach occurred a couple of months later in May. 

We look at the eligibility criteria that would need to be satisfied to make a valid personal data breach claim and what evidence would be needed in support of your case. We also look at how data breach settlements are calculated and when you could launch a claim using a data breach solicitor on a No Win No Fee basis. 

If at any time you would like to discuss a potential Capita data breach claim, please speak to a member of our team. We have advisors specialising in these cases who are available 24/7 to provide free advice and guidance.     

To talk to a team member today, you can: 

  • Call our adviceline on 0800 408 7825
  • Contact us via our online callback form
  • Use the pop-up live chat feature below
Capita Data Breach compensation

Capita Data Breach – Could You Claim Compensation?

Choose A Section

  1. Important Information About The Capita Data Breach
  2. How Public Interest Lawyers Can Help You Claim Compensation For The Capita Data Breach
  3. What’s The Time Limit For A Data Breach Claim?
  4. Evidence That Could Be Used In A Capita Data Breach Claim
  5. How Much Compensation Could You Receive?
  6. Make A Capita Data Breach Compensation Claim On A No Win No Fee Basis
  7. Learn More About Claiming Capita Data Breach Compensation

Important Information About The Capita Data Breach

Capita is an organisation that offers consulting, digital and software solutions for connecting customers with business as well as government. Below we will provide some information regarding the two Capita data security incidents in 2023 and the response of the Information Commissioner’s Office.

March 2023

The first of the Capita data breaches took place in March 2023.

In March, Capita was the target of a cyber attack, and around 90 organisations that use its services reported data breaches of personal information held by the company. This organisation administers pension funds for firms such as Royal Mail and Axa. 

It has since been reported in the Financial Times that Capita’s own pension fund has been impacted too. The firm has written to its members to advise them of the impact, which has come to light almost 3 months on since the cyber attack happened.

Another organisation that has confirmed its members have been impacted is accounting giant Price Waterhouse Cooper (PwC). The dates of birth and retirement information had been accessed, as well as possibly national insurance numbers.

Other organisations that have confirmed they’ve been impacted include:

  • USS, also known as the universities superannuation scheme (which has a massive 470,000 members)
  • Pearson
  • Marks and Spencer
  • Diageo
  • Unilever
  • BAE
  • NHS England
  • The BBC
  • Royal Navy


May 2023

In May, two months following, it was reported that Capita left data files in publicly accessible storage, leading to some councils saying they thought their data had been compromised. 


See If You’ve Been Impacted By The Capita Data Breach 

The Information Commissioner’s Office (ICO), which is the body in charge of enforcing data protection laws, has released a statement on the Capita incident in which they acknowledge the two incidents described above. They are encouraging any organisations that use Capita’s services to check their position in relation to these incidents.   

If you suspect that your personal data may have been compromised or you have received a letter notifying you of this, you can contact the organisation responsible for your personal information directly to make an enquiry.

Data breach reports are very important as in some cases, the organisation might not realise the issue.

You can also contact us to learn more about the possible steps you could take if you have evidence showing that your personal data was involved in a potential Capita data breach. 

We offer a No Win No Fee service and can assess your claim for free. 

What You Can Do To Secure Your Data

Some affected individuals have been offered a 12-month subscription to the credit score website, Experian. The idea behind this is to monitor your credit rating to see if any illegal or suspicious activity is taking place as a result of the Capita cyber attack.

However, as reported by the Financial Times, some of those impacted feel this is insufficient.

If you want to take extra steps, a wise move would be to contact your bank and get advice from them. They may be able to help you set up a new account.

It’s also wise to change your passwords and login information for your online accounts, especially those that hold your bank details.

You can also seek advice from the organisation you hold your pension with, such as the Universities Superannuation Scheme. They may offer support and advice.

Also stay extra vigilant when it comes to calls, texts or emails. It’s not uncommon for cybercriminals to target individuals with phishing scams, which seek to mimic the identities of legitimate companies.

If you’d like more advice and support, you can get in touch with us today for free. We can check to see if you can claim compensation and can help you get started today.

How Public Interest Lawyers Can Help You Claim Compensation For The Capita Data Breach

If you’ve been impacted by the Capita data breach, a compensation claim might be something you want to pursue. If so, Public Interest Lawyers can help.

We work closely with a panel of specialist data breach solicitors who have significant experience in this complex area of law. They are currently representing scores of those affected by the Capita data breach and can support you too.

They understand the claims process, how to properly value claims, and how to obtain the necessary evidence to prove fault on the part of the defendant.

To start a claim for Capita data breach compensation, you can call our free, 24-hour helpline on 0800 408 7825. You can also contact us via our online callback form

What’s The Time Limit For A Data Breach Claim?

The time limit for claiming compensation after a data breach can vary depending on who you are claiming against.

For example, data breach claims made against public bodies, like local councils, must begin within a year of the breach. However, the time limit for starting a claim against other organisations is six years. 

This applies to claims relating to the Capita data breach, which affected organisations such as Unilever, the BBC, and the USS. Data breach compensation is generally not awarded to those who attempt to claim outside of the relevant time limit. 

If you are unsure about time limits in data breach claims, contact our team of helpful advisors today. They can offer more information on when you must begin proceedings in order to be eligible to claim. Our advisors can also answer any questions you may have about the claims process and may be able to connect you with a solicitor from our panel.

Evidence That Could Be Used In A Capita Data Breach Claim

To make a potential compensation claim, you must obtain evidence that your case meets the eligibility criteria we outlined previously. A breach that puts the rights and freedoms of data subjects at risk must be reported to these people without undue delay and to the ICO within 72 hours of its discovery.

Therefore, some of the evidence you could provide includes: 

  • A notification letter from the organisation.
  • Correspondence between you and the organisation, such as letters and emails.
  • Findings from an investigation carried out by the ICO that support your case. 
  • Evidence of the damage you suffered as a result, such as copies of medical reports or bank statements. 

Would you like to know about possible steps you could take if your personal data was involved in a potential Capita data breach? Then, please contact a member of our team today. 

capita data breach claim

How Much Compensation Could You Receive?

For a successful personal data breach claim, the award can compensate for up to two potential types of damage. These are as follows: 

  • Material damage – The financial losses you have suffered as a result of the personal data breach, such as money taken out of your bank account or effects on your credit score. 
  • Non-material damage – The psychological damage resulting from the personal data breach. This can include stress, depression, anxiety and post-traumatic stress disorder (PTSD). 

As a guide to potential non-material damage compensation, we have used the Judicial College Guidelines (JCG) to create the table below. Data breach solicitors, and other legal professionals, can also use this document to assist them in the valuation process for non-material damage. 

Harm Type Severity of the Harm Compensation Brackets Guidelines
Mental Injury General (a) Severe £54,830 – £115,730
Mental Injury General (b) Moderately Severe £19,070 – £54,830
Mental Injury General (c) Moderate £5,860 – £19,070
Mental Injury General (d) Less Severe £1,540 – £5,860
Psychological Trauma (a) Severe £59,860 – £100,670
Psychological Trauma (b) Moderately Severe £23,150 – £59,860
Psychological Trauma (c) Moderate £8,180 – £23,150
Psychological Trauma (d) Less Severe £3,950 – £8,180

Please view this table as a guide.

If you are unsure whether you may be eligible to make a data protection breach claim, please speak to one of our friendly advisors at Public Interest Lawyers. 

Make A Capita Data Breach Compensation Claim On A No Win No Fee Basis

Contact our advisors to learn whether you may have a potentially eligible data breach claim. If our team discovers that your case may be viable, they could put you in contact with one of the No Win No Fee data breach solicitors on our panel. 

The popular type of No Win No Fee agreement that our panel of solicitors can offer is the Conditional Fee Agreement (CFA). This means that you wouldn’t pay for your solicitor’s services upfront or whilst your claim is ongoing. What’s more, you typically wouldn’t be required to pay for these services at any point if your claim is unsuccessful.

On the other hand, if your claim were to be successful, your data breach solicitor could take a small success fee from a Capita data breach compensation payout. The success fee is a percentage of the compensation. The legislation caps this percentage.    

To talk to a team member today, you can: 

  • Call our adviceline on 0800 408 7825
  • Contact us via our online call back form
  • Use the pop-up live chat feature below

Learn More About Claiming Capita Data Breach Compensation

Find more information on data breaches by taking a look at more of the guides on our website: 

Additionally, learn more by exploring the external sources that we have linked below: 

Thank you for taking the time to read this guide to claiming Capita data breach compensation. If you need any more advice, please get in touch.