The financial data of just under 140 members of the UK Civil Service Pension Scheme (CSPS) has been exposed following a data breach affecting its online portal, which is overseen by Capita.
According to the outsourcer, the issue led to scheme members being able to view personal annual benefit statements (ABSs) that were not their own. Capita pulled the ABS functionality in order to investigate and remediate the issue, and at the time of writing, it remains offline.
Computer Weekly understands all affected members of the pension scheme were contacted on 3 April – those who have not received any message at this stage were not impacted and do not need to take any further action.
A Capita spokesperson said: “We are aware of an issue that occurred on the CSPS member portal for around 35 minutes on 30 March 2026, affecting the accuracy of a small number of Annual Benefit Statements (ABS) generated in this period.
“This was identified quickly, ABS functionality was immediately suspended, and a full investigation undertaken. We sincerely apologise for this issue and any concerns you may have. We take the protection of members’ personal data extremely seriously,” they said.
A Cabinet Office spokesperson added: “”We are aware of the incident and take the issue extremely seriously.
“While only a very small number of members were affected, we are working with Capita to establish the facts and ensure appropriate measures are taken. We will consider further action as required,” they said.
Dominic Hook, national officer at the Unite union, said: “Once again, Capita has proved itself to be totally unfit to manage the pensions of millions of public sector workers.
“This latest in a litany of extremely serious failures by Capita shows why the government’s manifesto promise to reverse outsourcing is more important than ever. Ministers need to keep that promise by bringing the CSPS back inhouse,” he added.
Pension crisis
Though minor in its scope the breach at the CSPS comes amid serious ongoing issues with Capita’s administration of the scheme, which it took over in December 2025 under a seven-year, £239m contract over which the Public Accounts Committee (PAC) had already raised significant concerns.
During this transition, it emerged that Capita had inherited a “significant volume” of outstanding work, including almost 90,000 work-in-progress cases and 15,000 emails that had never been read.
At the end of March, Richard Holroyd, who leads Capita’s public services unit, told MPs that the firm was making progress on addressing its backlog, saying it has cleared and closed 145,000 open cases since December.
“Whilst challenges remain, we’re seeing progress and expect services to improve in the coming months,” he said, suggesting that normal service levels could be resumed by June.
However, the remedial work needed to get the CSPS back in good order has led to missed payments for pensioners, among other problems. Computer Weekly recently reported the story of a former civil servant of 40-years standing – with no other source of income – who had not received any payments for four months.
