Legal aid cyber attack: Lawyers slam government agency for 'inadequate' response to hack

On Friday, it became clear the scale of the cyber attack is far greater than first realised, as hackers had downloaded personal details, criminal records, national insurance numbers, and financial details of those claiming Legal Aid since 2010.

The Legal Aid Agency has now disabled its online platform which lawyers routinely use to submit requests to be paid, as the Ministry of Justice issued a warning to the public about the fallout from such a massive breach, telling the public to be vigilant for scams.

The Law Society of England and Wales said on Monday afternoon that advice coming from the Legal Aid Agency so far had been “scarce and inadequate given the scale of this security breach”.

“It is the Legal Aid Agency’s responsibility to address the problems with their own system including contacting all the legal aid applicants whose data has been compromised”, said Law Society president Richard Atkinson.

The body, which represents lawyers across England and Wales, called the attack “extremely concerning” and said the incident should spark overdue upgrades to the “fragile” and “antiquated” Legal Aid IT systems.

The Legal Aid Agency is an executive agency of the Ministry of Justice, and provides civil and criminal legal aid and advice to those involved in legal proceedings.

Investigators from the National Crime Agency and National Cyber Security Centre are probing the attack, and the government has issued a public safety warning.

“On Wednesday 23 April, we became aware of a cyber-attack on the Legal Aid Agency’s online digital services”, the Ministry of Justice (MoJ) said.

“These are the services through which legal aid providers log their work and receive payment from the Government.

“In the days following the discovery, we took immediate action to bolster the security of the system, and informed all legal aid providers that some of their details, including financial information, may have been compromised.

“Since then, we have worked closely with the National Crime Agency and National Cyber Security Centre as well as informing the Information Commissioner.

“On Friday 16 May we discovered the attack was more extensive than originally understood and that the group behind it had accessed a large amount of information relating to legal aid applicants.

“We believe the group has accessed and downloaded a significant amount of personal data from those who applied for legal aid through our digital service since 2010.

“This data may have included contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.

“We would urge all members of the public who have applied for legal aid in this time period to take steps to safeguard themselves. We would recommend you are alert for any suspicious activity such as unknown messages or phone calls and to be extra vigilant to update any potentially exposed passwords. If you are in doubt about anyone you are communicating with online or over the phone you should verify their identity independently before providing any information to them.”

The group which says it is behind the attack claims to have accessed 2.1 million pieces of data, but the MoJ has not verified that figure.

“I understand this news will be shocking and upsetting for people and I am extremely sorry this has happened”, said Jane Harbottle, Chief Executive Officer of the Legal Aid Agency.

“Since the discovery of the attack, my team has been working around the clock with the National Cyber Security Centre to bolster the security of our systems so we can safely continue the vital work of the agency.

“However, it has become clear that to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down.

“We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time.

“I am incredibly grateful to legal aid providers for their patience and cooperation at a deeply challenging time.

“We will provide further updates shortly.”

Mr Atkinson, in a statement, said: “It is extremely concerning that members of the public have had their personal data compromised in this cyber security incident and the Legal Aid Agency must get a grip on the situation immediately.

“The incident once again demonstrates the need for sustained investment to bring the LAA’s antiquated IT system up to date and ensure the public have continued trust in the justice system.

“The fragility of the IT system has prevented vital reforms, including updates to the means test that could help millions more access legal aid, and interim payments for firms whose cashflow is being decimated by the backlogs in the courts, through no fault of their own. If it is now also proving vulnerable to cyber-attack, further delay is untenable.

“Legal aid firms are small businesses providing an important public service and are operating on the margins of financial viability. Given that vulnerability, these financial security concerns are the last thing they need.”

A National Crime Agency spokesman said: "We are aware of a cyber incident affecting the Legal Aid Agency.

"NCA officers are working alongside partners in the National Cyber Security Centre and MoJ to better understand the incident and support the department."

A National Cyber Security Centre spokesperson added: "The NCSC is committed to helping organisations manage their cybersecurity and has published advice and guidance on how to strengthen their defences on our website."

A spokesperson for the Information Commissioners' Office also confirmed they were making inquiries after the MoJ reported the breach.

Further information on how to protect yourself from the impact of a data breach can be found on the NCSC website.