Capita, the outsourcing specialist and government contractor, has revealed that customer, supplier or colleague data may have been accessed during a cyber attack in March.
The company, which announced earlier this month that it had been targeted, said its investigations had identified that the attack on its systems first took place on or around 22 March.
It said the unauthorised access was not interrupted until 31 March.
It believed the hackers primarily impacted access to internal Microsoft Office 365 applications, admitting there was evidence of a “limited” data breach.
Be the first to get Breaking News
Install the Sky News app for free
“Capita continues to work through its forensic investigations and will inform any customers, suppliers or colleagues that are impacted in a timely manner,” its statement said.
It is understood that companies using Capita for call centre services, such as O2, were affected while a number of council customer service lines were impacted too.
Capita said the majority of its client services were unaffected, with 4% of its server estate hit.
It added that staff access to Microsoft Office 365 had been restored.
Please use Chrome browser for a more accessible video player
The attack took place against a backdrop of rising incidents and warnings that companies should be well prepared.
The head of the National Cyber Security Centre (NCSC) said on Wednesday that the number of “hackers for hire” and spyware was set to grow over the next five years, leading to more cyber attacks and increasingly unpredictable threats.
The government also confirmed that the NCSC was issuing an “official threat notice” to operators of critical national infrastructure amid concerns about the growing cyber threat, particularly from Russia.
A spate of recent attacks have affected WH Smith and Royal Mail’s international parcel services.