The Legal Aid Agency (LAA) has confirmed it has been the victim of a cyber attack but has said it could not confirm what, if any, information had been compromised. It has acknowledged it was ‘possible’ payment information relating to legal aid providers may have been accessed.
First reported on Sky News, the LAA has written to law firms to advise it had identified a ‘security incident’ and was working with the National Crime Agency and National Cyber Security Centre to investigate the data breach. There has been no formal acknowledgment of the breach on the Agency’s social media channels but it has said the incident is being investigated and action has been taken to mitigate the incident in the letter to the firms.
“I would like to offer our sincere apologies for any concern this may cause you. The LAA takes the security of the information we hold seriously, and we understand the potential impact any breach can have on you.”
the letter adds.
An MoJ spokesperson said:
“We take any data breach extremely seriously and have already taken action to bolster the security of the legal aid system. We’re working with the National Crime Agency and National Cyber Security Centre to investigate the situation, and it would be inappropriate to comment further at this stage.”
A National Crime Agency spokesperson added
“We are aware of a cyber incident affecting the Legal Aid Agency. NCA officers are working alongside partners in the National Cyber Security Centre and MoJ to better understand the incident and support the department.”
In a speech to business at CyberUK, an event held in Manchester, Chancellor of the Duchy of Lancaster Pat McFadden has addressed the recent spate of cyber attacks on Co-Op, Harrods and Marks & Spencer’s warning of the severity of cyber attacks, and the impact on business and the wider economy.
“Cyber attacks are not a game. Not a clever exercise. They are serious organised crime. The purpose is to damage and extort. The digital version of an old fashioned shake down. Either straight theft or a protection racket where your business will be safe as long as you pay the gangsters.”
“What we have seen over the past couple of weeks should serve as a wake-up call for businesses and organisations up and down the UK, as if we needed one, that cybersecurity is not a luxury but an absolute necessity.”
