The group behind it had accessed a large amount of information relating to legal aid applicants.
A ‘significant amount’ of personal data from legal aid applicants was accessed and downloaded in last month’s reported cyber incident.
According to a statement from the Legal Aid Agency and Ministry of Justice, an investigation determined that the “attack was more extensive than originally understood and that the group behind it had accessed a large amount of information relating to legal aid applicants.”
It said: “We believe the group has accessed and downloaded a significant amount of personal data from those who applied for legal aid through our digital service since 2010.
“This data may have included contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.”
Bolster Security
In the days following the discovery, it took ‘immediate action to bolster the security of the system’, and informed all legal aid providers that some of their details, including financial information, may have been compromised.
Jane Harbottle, CEO of the Legal Aid Agency, acknowledged that the news will be “shocking and upsetting for people and I am extremely sorry this has happened.”
She said: “Since the discovery of the attack, my team has been working around the clock with the National Cyber Security Centre to bolster the security of our systems so we can safely continue the vital work of the agency.
“However, it has become clear that to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down.
“We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time.”
Shaun Cooney, CPTO at Promon, said: “A breach involving criminal records and legal data is as serious as it gets. This information could be used to exploit people in court proceedings, disrupt legal outcomes, or even intimidate vulnerable individuals involved in sensitive cases.
“We’re entering dangerous territory when the justice system becomes an easy mark for attackers. These records cover people who may have escaped abusive situations, been wrongfully accused, or are working to clear their name - exposing that data can have real-world consequences.”
Joe Jones, CEO and founder of Pistachio, said: “What makes this breach particularly egregious is that the public has no alternative when engaging with the legal system; it’s not optional.
“The government must now take urgent steps to harden its digital infrastructure. Just as we’ve seen in the healthcare and retail sectors, once bad actors smell blood in the water, attacks will become relentless. If the justice system is seen as vulnerable, it will become a regular target”.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
