Legal Aid Agency Investigates Cyber Incident

share
Header image

Legal Aid Agency Investigates Cyber Incident

share

Agency could not confirm "what, if any, information was accessed."


The Legal Aid agency has reported that it has been hit by a cybersecurity incident.

According to media reports, in a letter sent to law firms last week, the Legal Aid Agency (LAA) warned it had identified a "security incident.” It said "it is possible that financial information relating to legal aid providers may have been accessed by a third party."

The LAA said it could not confirm "what, if any, information was accessed", but said it was "possible that payment information may have been accessed."

The agency said the incident is being investigated in accordance with its data security processes, “and action has been taken to mitigate the incident.”

Jamie Akhtar, CEO and co-founder of CyberSmart, said: “This could be an extremely damaging breach for the whole legal sector. The Legal Aid Agency has access to the financial data of the thousands of Law firms across the country that provide this service, and if it’s fallen into the wrong hands, this presents a couple of huge threats.

“Firstly, if the cyber-criminals have managed to access financial data, this could be used to steal funds, set up fake businesses or identities, or commit fraud. Alongside this, law firms were already a major target for cyber-criminals due to the money they handle and the sensitive data they process.

“Also this breach will provide cyber-criminals with a ‘target list’ of firms to launch further attacks, such as phishing and ransomware.”



Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Data BreachGovernment Published: 7 May Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

UK pledges £90M for SME cyber resilience

UK pledges £90M for SME cyber resilience

 Hijacked NHS Scotland domains push adult content

Hijacked NHS Scotland domains push adult content

 Fraud losses top £629M as UK ramps up enforcement

Fraud losses top £629M as UK ramps up enforcement
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

 Stryker dismisses malware use, data theft following cyberattack

Stryker dismisses malware use, data theft following cyberattack

 Report: UK cyberattacks grow faster than global rate

Report: UK cyberattacks grow faster than global rate
Toll of Transport for London hack reaches nearly 10M

Toll of Transport for London hack reaches nearly 10M