UK opens investigation of MoD payroll contractor after confirming attack
UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to "malign" forces accessing data on current and a limited number of former armed forces personnel.
There is no evidence to suggest that the criminals who broke into the systems actually removed any data, but they did access personal information including names, financial data, and in some cases home addresses.
Defence secretary Grant Shapps addressed the Commons on Tuesday afternoon, confirming ministers' suspicions that Shared Services Connected Ltd (SSCL) was the contractor running the system during the attack.
SSCL started out as a joint venture in 2013 between the Cabinet Office and Sopra Steria, the French IT provider, which as of last year owns SSCL entirely.
Sopra Steria has 43 active contracts across government and five with the MoD, according to data from public sector spending researcher Tussell. SSCL's contract to deliver armed forces pay, pensions, and military HR services is its most lucrative contract of the 43, and according to Tussell, its most lucrative with the MoD, with a value of more than £294 million ($366.8 million).
