Stay informed with free updates
Simply sign up to the Cyber Security myFT Digest — delivered directly to your inbox.
A “significant amount” of personal data from legal aid applicants has been accessed by hackers after a cyber attack on England and Wales’s Legal Aid Agency, leading the body to suspend its online service.
The Ministry of Justice said on Monday that it was made aware of a hack on April 23 and immediately took action. However, the agency discovered on Friday that the hack was more extensive than first realised and the group behind the breach had accessed “a large amount of information relating to legal aid applicants”.
The hacked data may include contact details and addresses of applicants, their dates of birth, criminal history, employment status and financial information dating back to 2010, the MoJ said.
“Since the discovery of the attack, my team has been working around the clock with the National Cyber Security Centre to bolster the security of our systems so we can safely continue the vital work of the agency,” said Jane Harbottle, chief executive of the LAA.
She added: “However, it has become clear that to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down.”
The LAA provides civil and criminal legal aid funding and advice to people in England and Wales facing legal problems that they are unable to privately finance. The online service is the portal through which legal aid providers, such as solicitors and barristers, log their work for individuals and receive payment.
The hack comes as the government has consistently faced criticism over underfunding of legal aid, which has led many solicitors and barristers to stop taking on such cases and has raised concerns over access to justice.
The Law Society of England and Wales has criticised the “years of under-investment [that] have brought the justice system to its knees”.
The legal body said on Monday that the hack “once again demonstrates the need for sustained investment to bring the LAA’s antiquated IT system up to date and ensure the public have continued trust in the justice system”.
The LAA said it was working with the National Crime Agency on the hack and urged applicants to be alert to any “suspicious activity such as unknown messages or phone calls and to be extra vigilant to update any potentially exposed passwords”.
“We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time,” Harbottle said. “I understand this news will be shocking and upsetting for people and I am extremely sorry this has happened.”