Over 2 million pieces of data were downloaded from the Legal Aid Agency’s online system. The Ministry of Justice reported that the hack was initially identified on 23 April 2025, but the extent of the attack was not known until 16 May 2025.
The stolen data, which dates back to 2010, may have included addresses, national insurance numbers, dates of birth, criminal history, employment status and financial data relating to legal aid applicants.
The MoJ is working closely with the National Cyber Security Centre and the National Crime Agency. The Information Commissioner has also been informed of the incident.
The Legal Aid’s online system is used by legal aid providers to log their work and get paid by the government. However, after discovering that a large amount of applicant data was accessed, the MoJ took the Legal Aid’s online portal offline. The disruption has caused solicitors to face payment delays until a replacement service is available, which could take weeks to put in place.
Chief Executive Officer of the Legal Aid Agency, Jane Harbottle, said:
I understand this news will be shocking and upsetting for people and I am extremely sorry this has happened.
It has become clear that to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down.
We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time.
The breach is not believed to have affected any other government systems.
The attack comes just weeks after recent cyber incidents affected retail giants, Marks & Spencer, Harrods and the Co-op.
Remember, you must stay alert to any suspicious activity, and take extra care when receiving messages or phone calls from unknown sources. When in doubt, verify the identity of anyone with whom you communicate online. Reset any passwords which may have been compromised.
For help with protecting your business or organisation against cyber attacks, contact us today.
0 Comments