Cyber Attack Hits UK Legal Aid Agency, Personal Data Stolen

A major cyber attack has hit Britain's Legal Aid Agency, leading to the theft of personal and sensitive information of people who applied for legal aid since 2010.

The agency said it discovered the breach on April 23 and has been working with the National Crime Agency to investigate the incident. However, on Friday, it learned the attack was worse than first thought.

Hackers accessed a large amount of data, including applicants’ names, addresses, dates of birth, national ID numbers, and financial details like payments, debts, and contributions. They also accessed some criminal records.

Jane Harbottle, the Chief Executive Officer of the Legal Aid Agency, said her team has been working closely with the National Cyber Security Centre to strengthen security.

“Since the discovery of the attack, my team has been working around the clock to protect our systems,” she said. “To keep our users safe, we have decided to shut down our online services.”

Despite the shutdown, Harbottle said people who need legal help can still access services through other means.

The Legal Aid Agency is part of the UK’s Ministry of Justice and supports people who cannot afford legal services.

This attack follows other recent cyber crimes in the UK. In April, hackers also targeted major retailers Marks & Spencer and Co-op by impersonating staff and tricking IT help desks. M&S later confirmed that some customer data had been stolen in a ransomware attack, which forces companies to pay a ransom to regain access to their systems.

Cybersecurity experts are urging both public and private organisations to improve their digital defences as such attacks become more common.