Subj : Legal Aid database hacked
To   : All
From : Mike Powell
Date : Wed May 21 2025 08:36 am

Legal Aid database hacked, 'significant amount' of data and criminal records
stolen

Date:
Mon, 19 May 2025 08:44:49 +0000

Description:
The MoJ says that a 'significant amount' of data has been stolen from the
Legal Aid Agency.

FULL STORY

The UKs Ministry of Justice (MoJ) has revealed that a cyberattack on the
Legal Aid system has led to the theft of a "significant amount" of data,
including criminal records.

The MoJ was alerted to the attack on April 23 when data dating back as far as
2010 was accessed by the attackers.

Earlier this month, the MoJ said it was investigating a security incident and
that payment information had potentially been accessed. The group responsible
for the attack said they accessed 2.1 million pieces of data, but the MoJ has
not confirmed this number.

Significant amount of data stolen

The MoJ said that the data accessed by the attackers may have included
contact details and addresses of applicants, their dates of birth, national
ID numbers, criminal history, employment status and financial data such as
contribution amounts, debts and payments.

Legal Aid Agency chief executive Jane Harbottle issued an apology for the
breach, adding that the breach will be shocking and upsetting for people. The
MoJ is working with the UKs National Crime Agency and the National Cyber
Security Centre to secure systems, and the Information Commissioner has been
notified.

The Legal Aid Agency is responsible for providing legal aid funding to over
2,000 providers. The amount administered in 2023/24 amounted to around 2.3
billion. The Agencys online digital services have been taken offline as a
result of the attack.

The MoJ has recommended that anyone who has applied for legal aid since 2010
to take steps to protect themselves, including increased vigilance against
unknown phone calls and text messages, as well as updating or replacing weak
or reused passwords.

"If you are in doubt about anyone you are communicating with online or over
the phone you should verify their identity independently before providing any
information to them," the ministry said.

Outside of personal data, it is likely that information relating to the
barristers, solicitors, and other organizations, including not-for-profit
organizations, was accessed by the hackers during the attack.

The recent cyber attack on the Legal Aid Agency is yet another example of the
real-world impact from digital vulnerabilities. When criminal records and
other sensitive personal data are exposed, it is not just a matter of IT
failure, its a breach of trust, privacy and even safety in this case. Many of
the individuals affected may already be in vulnerable situations and could
now face the added stress of not knowing where their data will end up or how
it might be used," said Jake Moore, Global Cybersecurity Advisor, ESET.

It highlights just how critical it is for public bodies and government
agencies to invest in stronger cyber defences, quicker update times and
better training as well as being transparent immediately when things go
wrong. Delays in notifying victims or vague reassurances can often worsen the
damage whether its a government agency or private company.

Via BBC

======================================================================
Link to news story:
https://www.techradar.com/pro/security/legal-aid-database-hacked-significant-a
mount-of-data-and-criminal-records-stolen

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from vert.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.