TZUTC: -0500   
   MSGID: 1136.consprcy@1:2320/105 2c93172e   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Legal Aid database hacked, 'significant amount' of data and criminal records   
   stolen   
      
   Date:   
   Mon, 19 May 2025 08:44:49 +0000   
      
   Description:   
   The MoJ says that a 'significant amount' of data has been stolen from the   
   Legal Aid Agency.   
      
   FULL STORY   
      
   The UKs Ministry of Justice (MoJ) has revealed that a cyberattack on the    
   Legal Aid system has led to the theft of a "significant amount" of data,   
   including criminal records.    
      
   The MoJ was alerted to the attack on April 23 when data dating back as far as   
   2010 was accessed by the attackers.    
      
   Earlier this month, the MoJ said it was investigating a security incident and   
   that payment information had potentially been accessed. The group responsible   
   for the attack said they accessed 2.1 million pieces of data, but the MoJ has   
   not confirmed this number.   
      
   Significant amount of data stolen    
      
   The MoJ said that the data accessed by the attackers may have included    
   contact details and addresses of applicants, their dates of birth, national    
   ID numbers, criminal history, employment status and financial data such as   
   contribution amounts, debts and payments.    
      
   Legal Aid Agency chief executive Jane Harbottle issued an apology for the   
   breach, adding that the breach will be shocking and upsetting for people. The   
   MoJ is working with the UKs National Crime Agency and the National Cyber   
   Security Centre to secure systems, and the Information Commissioner has been   
   notified.    
      
   The Legal Aid Agency is responsible for providing legal aid funding to over   
   2,000 providers. The amount administered in 2023/24 amounted to around 2.3   
   billion. The Agencys online digital services have been taken offline as a   
   result of the attack.    
      
   The MoJ has recommended that anyone who has applied for legal aid since 2010   
   to take steps to protect themselves, including increased vigilance against   
   unknown phone calls and text messages, as well as updating or replacing weak   
   or reused passwords.    
      
   "If you are in doubt about anyone you are communicating with online or over   
   the phone you should verify their identity independently before providing any   
   information to them," the ministry said.    
      
   Outside of personal data, it is likely that information relating to the   
   barristers, solicitors, and other organizations, including not-for-profit   
   organizations, was accessed by the hackers during the attack.    
      
   The recent cyber attack on the Legal Aid Agency is yet another example of the   
   real-world impact from digital vulnerabilities. When criminal records and   
   other sensitive personal data are exposed, it is not just a matter of IT   
   failure, its a breach of trust, privacy and even safety in this case. Many of   
   the individuals affected may already be in vulnerable situations and could    
   now face the added stress of not knowing where their data will end up or how   
   it might be used," said Jake Moore, Global Cybersecurity Advisor, ESET.    
      
   It highlights just how critical it is for public bodies and government   
   agencies to invest in stronger cyber defences, quicker update times and    
   better training as well as being transparent immediately when things go    
   wrong. Delays in notifying victims or vague reassurances can often worsen the   
   damage whether its a government agency or private company.    
      
    Via BBC   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/legal-aid-database-hacked-significant-a   
   mount-of-data-and-criminal-records-stolen   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 114 206 300 307 317 400 426 428   
   SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200   
   SEEN-BY: 396/45 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426