Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant. A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion ($8 billion), said it hasn’t yet confirmed if that data leak is legit. “We continue to work closely with specialist advisers and forensic experts in investigating the incident,” a Capita spokesperson told The Register. “We are in constant contact with all relevant regulators and authorities. Our investigations have not yet been able to confirm any evidence of customer, supplier, or colleague data having been compromised.” Those regulators and authorities include the UK’s Information Commissioner’s Office, and an ICO spokesperson confirmed Capita had reported a network intrusion, sorry, “incident” to the data watchdog. “We are assessing the information provided,” the ICO spokesperson told The Register. Once it finalizes its own probe, Capita said it will “if necessary” inform all parties affected in the security breach. “We have taken all appropriate steps to ensure the robustness of our systems and are confident in our ability to meet our service delivery commitments,” the spokesperson said. The technology outsourcer at first confirmed it had suffered an “IT issue” late last month, though didn’t cop to it being a “cyber incident” until April 3. Over the weekend, the Sunday Times claimed the IT breach was worse than Capita has admitted to date: Capita has played down fears that personal and corporate information was accessed, though it appears the miscreants who broke into the business have started selling off that very kind of data, said to be lifted from Capita’s systems. Information listed for sale by Black Basta, according to the newspaper, includes people’s phone numbers, home addresses, and details on more than 100 bank accounts, along with personal data belonging to teachers’ applying for jobs at schools. The crooks claimed the information is merely a sample of what they’ve stolen from Capita, though as of this weekend, the link to buy the supposedly purloined documents didn’t work, we’re told.