Legal Aid database hacked, 'significant amount' of data and criminal records stolen
Date:
Mon, 19 May 2025 08:44:49 +0000
Description:
The MoJ says that a 'significant amount' of data has been stolen from the
Legal Aid Agency.
FULL STORY
The UKs Ministry of Justice (MoJ) has revealed that a cyberattack on the
Legal Aid system has led to the theft of a "significant amount" of data, including criminal records.
The MoJ was alerted to the attack on April 23 when data dating back as far as 2010 was accessed by the attackers.
Earlier this month, the MoJ said it was investigating a security incident and that payment information had potentially been accessed. The group responsible for the attack said they accessed 2.1 million pieces of data, but the MoJ has not confirmed this number.
Significant amount of data stolen
The MoJ said that the data accessed by the attackers may have included
contact details and addresses of applicants, their dates of birth, national
ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.
Legal Aid Agency chief executive Jane Harbottle issued an apology for the breach, adding that the breach will be shocking and upsetting for people. The MoJ is working with the UKs National Crime Agency and the National Cyber Security Centre to secure systems, and the Information Commissioner has been notified.
The Legal Aid Agency is responsible for providing legal aid funding to over 2,000 providers. The amount administered in 2023/24 amounted to around 2.3 billion. The Agencys online digital services have been taken offline as a result of the attack.
The MoJ has recommended that anyone who has applied for legal aid since 2010
to take steps to protect themselves, including increased vigilance against unknown phone calls and text messages, as well as updating or replacing weak
or reused passwords.
"If you are in doubt about anyone you are communicating with online or over
the phone you should verify their identity independently before providing any information to them," the ministry said.
Outside of personal data, it is likely that information relating to the barristers, solicitors, and other organizations, including not-for-profit organizations, was accessed by the hackers during the attack.
The recent cyber attack on the Legal Aid Agency is yet another example of the real-world impact from digital vulnerabilities. When criminal records and
other sensitive personal data are exposed, it is not just a matter of IT failure, its a breach of trust, privacy and even safety in this case. Many of the individuals affected may already be in vulnerable situations and could
now face the added stress of not knowing where their data will end up or how
it might be used," said Jake Moore, Global Cybersecurity Advisor, ESET.
It highlights just how critical it is for public bodies and government
agencies to invest in stronger cyber defences, quicker update times and
better training as well as being transparent immediately when things go
wrong. Delays in notifying victims or vague reassurances can often worsen the damage whether its a government agency or private company.
Via BBC
======================================================================
Link to news story:
https://www.techradar.com/pro/security/legal-aid-database-hacked-significant-a mount-of-data-and-criminal-records-stolen
$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)