Ministry of Justice hit by brazen cyber attack exposing hackers to ‘significant amount’ of personal data

A HACKER group have stolen a "significant" amount of personal data from the Ministry of Justice.

The cyber attack targeted the data of people who have applied for legal aid since 2020.

Ministry of Justice building entrance in London. — A Ministry of Justice source blamed the previous governmentCredit: Getty

The MoJ said it was accessed and downloaded in April this year.

Information taken could include contact details and addresses, dates of birth, national insurance numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.

The group that carried out the attack has claimed it accessed 2.1 million pieces of data but the MoJ has not verified that figure.

It comes after M&S revealed that customers' personal information was stolen in a huge cyber attack.

The retail chain is still working hard to keep its stores up and running while dealing with the fallout.

The Government became aware of a cyber attack on the Legal Aid Agency’s online digital services on April 23, but realised on Friday that it was more extensive than originally thought.

The LAA’s online digital services, which are used by legal aid providers to log their work and get paid by the Government, have been taken offline.

An MoJ source put the breach down to the “neglect and mismanagement” of the previous government, saying vulnerabilities in the Legal Aid Agency systems have been known for many years.

“This data breach was made possible by the long years of neglect and mismanagement of the justice system under the last government.
“They knew about the vulnerabilities of the Legal Aid Agency digital systems, but did not act,” the source said.

The MoJ is urging anyone who has applied for legal aid since 2010 to be alert for unknown messages and phone calls and to update any passwords that could have been exposed.

The ministry has been working with the National Crime Agency and the National Cyber Security Centre, and has informed the Information Commissioner.

Legal Aid Agency chief executive Jane Harbottle apologised for the breach.

“I understand this news will be shocking and upsetting for people and I am extremely sorry this has happened.

“Since the discovery of the attack, my team has been working around the clock with the National Cyber Security Centre to bolster the security of our systems so we can safely continue the vital work of the agency.

“However, it has become clear that, to safeguard the service and its users, we needed to take radical action. That is why we’ve taken the decision to take the online service down,” she said.

Ms Harbottle said contingency plans are in place to make sure those in need of legal support and advice can continue to access it.

A National Crime Agency spokesman said: “We are aware of a cyber incident affecting the Legal Aid Agency.

“NCA officers are working alongside partners in the National Cyber Security Centre and MoJ to better understand the incident and support the department.”

Co-op also faced a hacking attempt and was forced to shut down part of its IT system at the end of April.

It told staff at the time it had "taken proactive steps to keep our systems safe".