Legal Aid Attack Included Access of Applicant Data

share
Header image

Legal Aid Attack Included Access of Applicant Data

share

The Legal Aid service has been taken down whilst the investigation is ongoing.


The recent attack on the Legal Aid service saw a large amount of information relating to legal aid applicants accessed.


In a statement, the Ministry of Justice said that it discovered the attack on 23rd April, and since then it has been determined that the group behind it had accessed a large amount of information relating to legal aid applicants.


“We believe the group has accessed and downloaded a significant amount of personal data from those who applied for legal aid through our digital service since 2010,” it said.


This data may have included contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.


Jane Harbottle, CEO of the Legal Aid Agency, said: “I understand this news will be shocking and upsetting for people and I am extremely sorry this has happened.


“Since the discovery of the attack, my team has been working around the clock with the National Cyber Security Centre to bolster the security of our systems so we can safely continue the vital work of the agency.


“However, it has become clear that to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down. “We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time.


An injunction has been put in place to prohibit sharing of this data, so that anyone who does so could face a custodial sentence.



Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Data BreachGovernment Published: 6 June Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

UK pledges £90M for SME cyber resilience

UK pledges £90M for SME cyber resilience

 Hijacked NHS Scotland domains push adult content

Hijacked NHS Scotland domains push adult content

 Fraud losses top £629M as UK ramps up enforcement

Fraud losses top £629M as UK ramps up enforcement
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

 Stryker dismisses malware use, data theft following cyberattack

Stryker dismisses malware use, data theft following cyberattack

 Toll of Transport for London hack reaches nearly 10M

Toll of Transport for London hack reaches nearly 10M
What UK Firms Need to Know About the UK Data Use and Access Act

What UK Firms Need to Know About the UK Data Use and Access Act