Nearly $19 million to $25 million is expected to be incurred by major UK business processing outsourcing firm Capita following a Black Basta ransomware attack in late March, SecurityWeek reports.
Recovery and remediation costs, specialist professional fees, and further cybersecurity investments are included in Capita's estimate.
"Capita has also taken further steps to ensure the integrity, safety, and security of its IT infrastructure to underpin its ongoing client service commitments," said the company, which has not clarified whether the spending covers payment to its attackers.
While Capita had its systems disrupted on March 31, the company only confirmed a cyberattack on April 3 and admitted data theft on April 20 after stolen data had already been leaked by Black Basta. Capita's latest update noted that fewer than 0.1% of its servers have been compromised by the incident.
"Capita has taken extensive steps to recover and secure the customer, supplier, and colleague data contained within the impacted server estate, and to remediate any issues arising from the incident," added Capita.
BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .