Privacy Unpacked Episode 7 - Lessons from Capita: Understanding the ICO's approach to cybersecurity enforcement
Contacts
Associate
UK
I am an associate in our Privacy and Data Protection Group, based in London. I advise UK and international clients on technology, data protection and privacy issues.
Senior Associate
UK
I am an associate in our Commercial Group, and I advise clients on the global challenges facing the digital and communications sector as well as providing counsel on new technologies and their relationships with the use of data.
On 15 October 2025, The Information Commissioner's Office (ICO) imposed a combined monetary penalty of £14 million on Capita plc and Capita Pension Solutions Limited (CPSL). This fine followed a significant cyber-attack in March 2023 that compromised the personal data of over 6.6 million individuals.
In our seventh episode of Privacy Unpacked, Matthew Buckwell (Senior Associate, UK) and Laura Goold (Associate, UK) examine what went wrong, the key lessons for organisations, and what this tells us about the ICO's approach to cybersecurity enforcement.
Tune in now for key insights to stay ahead of the curve!
Listen to our podcast via the links below:
CLICK HERE TO LISTEN TO OUR PODCAST ON SPOTIFY
Latest insights
More Insights
China Cybersecurity and Data Protection: Monthly Update – October 2025 Issue
18 minutes Oct 31 2025
Employers and artificial intelligence: How to ensure the compliant use of AI in the workplace
6 minutes Oct 28 2025
New Cybersecurity Incident Reporting Measures in China: Critical Compliance Updates for Businesses
5 minutes Oct 27 2025