The Legal Aid Agency (LAA), part of the UK’s Ministry of Justice (MoJ), has alerted law firms to a potential security breach that may have exposed financial information, reported Sky News. The agency, responsible for managing substantial legal funding, oversees around 2,000 providers, including barristers, solicitor firms, and non-profit organisations that offer civil and criminal legal aid services across England and Wales. The LAA employs approximately 1,250 staff and operates the Public Defender Service.
In a letter to law firms, the LAA stated that while it cannot confirm data access, there is a risk that payment details of legal aid providers could have been compromised.
“This incident is being investigated in accordance with our data security processes, and action has been taken to mitigate the incident,” noted the agency’s letter. “The LAA takes the security of the information we hold seriously, and we understand the potential impact any breach can have on you.”
“We take any data breach extremely seriously and have already taken action to bolster the security of the legal aid system, said an MoJ spokesperson. “We’re working with the National Crime Agency (NCA) and National Cyber Security Centre to investigate the situation, and it would be inappropriate to comment further at this stage.”
“We are aware of a cyber incident affecting the Legal Aid Agency,” said NCA. “NCA officers are working alongside partners in the National Cyber Security Centre and MoJ to better understand the incident and support the department.”
Recent cyberattacks highlight broader security threats to UK firms
This incident is part of a broader pattern of cyberattacks, with recent targets including UK retail giants Co-op, Harrods, and Marks & Spencer. These attacks have been linked to the DragonForce ransomware group.
Earlier this week, The Co-op Group admitted to a significant data breach resulting from a cyberattack reportedly carried out by the DragonForce group. This admission followed the retailer’s initial downplaying of the recent incident, when it announced the shutdown of parts of its IT systems due to an attempted network intrusion.
Last week, Harrods confirmed it had been targeted by a cyberattack, marking it as the third major UK retailer to report such an incident recently. The department store stated it had implemented precautionary measures after threat actors attempted to access its systems.
Similarly, M&S confirmed last week that it was also targeted by a cyberattack, leading to major operational issues, including disruptions in payment processing, delivery delays, and a temporary halt to online orders.
In response to these events, the National Cyber Security Centre has issued guidance for companies to enhance their cybersecurity measures.
Read more: Harrods becomes third UK retailer this week hit by cyberattack
