Skip to main content

Data Breach at Capital Economics – December 2020

On 12th December 2020, Capital Economics was subject to an unauthorised data breach that exposed client and contact information. Whilst sensitive information such as unencrypted passwords and payment information were not exposed, we’ve contacted all relevant parties to change their passwords. There are no other suggested actions at this time.

­­­­­In light of this unfortunate incident, we are doing everything we can to ensure that your privacy and data are protected. We have taken immediate steps to reinforce our cyber security and will continue to monitor and investigate the situation. Below is an outline of our immediate response and the further steps we plan to take.

If you have further questions, please contact us at support@capitaleconomics.com.

What steps were taken to secure your data?

Capital Economics took immediate steps to identify and fix the initial vulnerability. We also engaged a cyber-security firm for further review. Our initial requirements were to 1) ensure that the production, development and staging environment were secure, 2) conduct an investigation into the incident and determine how it occurred and, if possible, who was responsible and 3) draw up recommendations to better reinforce the IT system. Those recommendations were then prioritised and the most important tasks were implemented before the end of last year. This included putting in place additional security monitoring services to prevent future cyber attacks.

On 15th December 2020, Capital Economics submitted a report to the UK’s Information Commissioner’s Office and we are awaiting their recommendations.

What else are we doing?

Capital Economics is in the middle of a comprehensive review of its entire cyber security architecture, conducted by a leading cyber-security firm. Once complete, we will execute their recommendations.

How does this affect me and my data?

As a consequence of this breach, your business information may now be available to unauthorised third parties.

If you have been affected then we have already contacted you directly with more information. If you are a subscriber, we recommend you reset your password as a precaution. There are no other actions you need to take at this time.

We are here to answer any questions you may have. You can contact us at support@capitaleconomics.com