Figure revealed in largely broken up firm’s latest accounts
Interserve has said a cyber attack more than three years ago cost the firm over £11m.
The firm was hit in May 2020, with scammers using a phishing email to gain access to employee information at the business.
The Information Commissioner fined it £4.4m last autumn after finding that weak security measures allowed hackers to steal the personal data of up to 113,000 current and former employees.
But its latest accounts also reveal that it spent £7m on ‘professional adviser fees’ following the attack.
Interserve, which was once a FTSE 250 listed business, has largely been broken up after racking up huge losses and debt following a disastrous foray into the energy-from-waste (EfW) sector which between 2015 and 2019 racked up more than £300m in losses.
>> Register for free-to-attend webinar: Cyber risk in the AEC sector: It’s not if, but when
It has also sold several other parts of the company including its oil and gas business, an overseas civil engineering firm which operated in the Middle East, a healthcare business and returned a deal with the Ministry of Justice to public ownership.
One of the remaining businesses it has a stake in is the rebranded construction division Tilbury Douglas which was bought for nothing last May by a company called TD Bidco, which is owned and controlled by the existing shareholders of Interserve Group.
In its latest accounts for the 18 months to June 2021, Interserve said it recouped £33.9m on EfW schemes in Derby and Glasgow which consisted of indemnity insurance claims and a final contract settlement claim.
In the accounts, Interserve posted revenue of £2.1bn during the period and made a pre-tax loss of £309m.