Question to the Cabinet Office:

To ask the Minister for the Cabinet Office, what assessment he has made of the need to take further action following Capita's confirmation of a data breach on the Civil Service Pension Scheme portal in April 2026.

The administration of the Civil Service Pension Scheme is the responsibility of the Cabinet Office. The Cabinet Office awarded the contract to administer the Civil Service Pension Scheme to Capita in November 2023 under the previous government.

The issues and delays facing a number of civil servants and pension scheme members in receiving their pension quotes are unacceptable. I want to reassure you that this Government has taken firm action to help put things right as soon as possible. We have agreed a clear recovery plan with Capita, which includes specific milestones and accountability targets for delivery. Existing Key Performance Indicators (KPIs) have been enhanced and strengthened to deliver improved performance and higher penalties for failure, including financial penalties. These have already been applied in respect to Capita's performance with recent issues and delays in administering the Civil Service Pension Scheme.

The Cabinet Office has addressed the data breach of 30 March 2026, where a technical failure during a surge of 60,000 access requests allowed 138 members to view others' benefit statements. Investigations confirmed this was a session management malfunction and not a cyber-attack.

Following the Cabinet Office’s notification to the Information Commissioner’s Office, Capita performed a root cause analysis and strengthened system controls to prevent a recurrence. The Cabinet Office has further mandated that Capita provide formal accounts to the Public Accounts Committee and the Public Administration and Constitutional Affairs Committee to ensure the provider remains fully accountable for the security of member information.