- ‘Significant amount’ of data stolen from the legal aid agent
- Up to 2.1 million items that are accessed, says Hacking Group
- Light Help Online Systems Taken Offline
The United Kingdom’s Ministry of Justice (MOJ) has revealed that a cyber attack on the legal aid system has led to theft of a “significant amount” of data, including criminal items.
MOJ was warned of the attack on April 23, when data was accessed as far as 2010, accessed by the striker.
Earlier this month, MOJ said it was investigating a “security event” and that payment information had potentially become access to. The group responsible for the attack said they gained access to 2.1 million data, but MOJ has not confirmed this number.
‘Significant amount’ stolen data
MOJ said the data that the attackers have accessed “may have included contact information and addresses to applicants, their birth dates, national ID numbers, criminal history, employment status and financial data such as contributions, debt and payments.”
CEO of Legal Aid Agency Jane Harbottle issued an apology to the violation and added that the violation “will be shocking and disturbing to humans”. MOJ is collaborating with the United Kingdom’s National Crime Agency and the National Cyber Security Center to secure systems and the Information Commissioner has been notified.
Legal Aid Agency is responsible for providing legal assistance to over 2,000 providers. The amount administered in 2023/24 amounted to approx. 2.3 billion pounds. Agency’s online digital services have been taken offline as a result of the attack.
MOJ has recommended that anyone who has applied for legal aid since 2010 should take steps to protect themselves, including increased vigilance from unknown phone calls and text messages, as well as updating or replacing weak or recycled passwords.
“If you have any doubts about someone you communicate with online or over the phone, verify their identity independently before giving them information,” the ministry said.
Outside of personal data, it is likely that information relating to barmists, lawyers and other organizations, including non-profit organizations, gained access to the hackers during the attack.
“The recent cyber attack on the legal aid agency is yet another example of the real world impact on digital vulnerabilities. When criminal items and other sensitive personal data are exposed, it is not only a matter of IT-Fiasko, it is a breach of trust, privacy and even security in this case. CyberSecurity Advisor, Eset.
“It emphasizes how critical it is for public bodies and state agencies to invest in stronger cyber defense, faster update times and better education, and to be transparent instant when things go wrong. Delays in notifying victims or vague insurance can often aggravate the damage, whether it is a government agency or a private company.”
Via BBC
