The UK Ministry of Justice has shut down its Legal Aid Agency’s online services following a major cyberattack that exposed sensitive personal data spanning 15 years. The breach, initially discovered on April 23, was confirmed to be more extensive than first believed after further analysis on May 17, reports Sky News.
The compromised data includes national insurance numbers, criminal records, birth dates, addresses, and financial details of applicants for legal aid, as well as information related to legal service providers.
Jane Harbottle, Chief Executive of the Legal Aid Agency, apologized for the breach, calling the situation “shocking and upsetting” and stated that drastic measures were necessary to protect users.
Hackers claimed to have accessed over 2.1 million records, though the government has not verified that figure. The National Crime Agency and the National Cyber Security Centre are actively investigating.
The online portal used by lawyers to log work and claim payments has also been suspended. The system's fragility has previously delayed critical reforms, according to Richard Atkinson, President of the Law Society of England and Wales.
“If it is now also proving vulnerable to cyberattack, further delay is untenable,” Atkinson said, calling for urgent modernization of the agency’s IT infrastructure.
Authorities have not confirmed when services will resume but emphasized that protecting the integrity of legal aid systems and user data remains the top priority.
Bd-pratidin English/ Jisan