In October 2025 the Information Commissioner's Office announced one of its larger recent enforcement actions, against the outsourcing group Capita following a data breach.
£14m
total fine
6.6m
people affected
58 hrs
before device quarantined
What this measures: Penalties announced by the ICO on 15 October 2025. The 58 hours refers to the time before the compromised device was quarantined.
The total splits into two penalties: £8 million against Capita plc and £6 million against Capita Pension Solutions Ltd. Both figures come directly from the ICO's announcement.
Why it matters here
ChargeGuard's whole design is to keep as little of your data as possible, and never to link your card or number plate. Breaches like this are the reason that restraint is a feature, not a limitation.
