A cyber attack three years ago cost the Interserve Group more than £11m, the company has revealed in its latest financial results.
Scammers used a phishing email to gain access to personnel files on 2 May 2020 stealing the personal data of up to 113,000 current and former employees.
Compromised data included contact and bank account details, national insurance numbers, as well as ethnic origin, religion, details of disabilities, sexual orientation and health information.
Interserve was fined £4.4m by the Information Commissioner last year, after it found the company failed to put in place appropriate security measures to prevent the breach.
The financial results report stated that the company also spent a further £7m on ‘professional adviser fees’ following the cyber attack.
The results cover 18 months leading up to 30 June 2021 where revenue is reported as £2.1bn with loss before tax totalling £309m.
Interserve went into administration in March 2019 and since then various parts of the business have been sold off.
The construction division reverted to a previous trading name of Tilbury Douglas and became an independent contractor. It was taken over in May 2022 by TD Bidco, which is owned and controlled by Interserve Group shareholders.
Don’t miss out on BIM and digital construction news: sign up to receive the BIMplus newsletter.