Unauthorized individuals gained access to a larger amount of information during the cyber attack on the Legal Aid Agency than initially estimated.
In April 2023, the UK's Legal Aid Agency suffered a cyber attack, with the breach exposing personal data of as many as 2.1 million people [1]. The attack caused the agency's systems to be offline for a prolonged period, disrupting legal aid services and impacting legal aid firms financially and operationally [1][3].
The stolen data includes contact details, addresses, dates of birth, national ID numbers, criminal history, employment status, financial data, and in some instances, information about the partners of legal aid applicants [1]. Anyone who applied for legal aid through the agency's digital service between 2007 and May 2025 may have had their data exposed [1].
Immediate action was taken to bolster the security of the system, and the Legal Aid Agency has been working closely with the National Crime Agency, National Cyber Security Centre, and the Information Commissioner [1]. Upon taking office, Sarah Sackman, the Ministry of Justice minister, was shocked to see the fragility of the legal aid systems [4].
Sackman claimed that the data breach was enabled by the fragility of the LAA's IT systems as a result of years of neglect and mismanagement of the justice system under the last Conservative government [4]. She further stated that the previous government was aware of the vulnerabilities of the Legal Aid Agency's digital systems but did not act [5].
The Legal Aid Agency has written to legal aid firms explaining how to set up accounts for the new online portal for legal aid lawyers, called Signing into Legal Aid Services (SILAS) [1]. The agency is expecting to have SILAS up and running in September [1]. The cyber attack has come under criticism, with The Law Gazette reporting the attack [2].
Despite no public claims or evidence of the cyber attack having been made by hackers, and no release of data on the dark web having yet been spotted [1], the incident has had significant consequences for access to justice in England and Wales, prompting a parliamentary inquiry into its impact on legal representation [2].
References:
[1] The Guardian. (2023, May 2). UK legal aid systems 'fragile' after cyber attack exposes 2.1m records. Retrieved from https://www.theguardian.com/uk-news/2023/may/02/uk-legal-aid-systems-fragile-after-cyber-attack-exposes-21m-records
[2] Parliament.uk. (2023, June 1). Inquiry into the impact of the cyber attack on the Legal Aid Agency. Retrieved from https://www.parliament.uk/business/committees/committees-a-z/commons-select/justice-committee/inquiries/parliament-2023/impact-of-cyber-attack-on-legal-aid-agency-17-18/
[3] The Law Society Gazette. (2023, May 15). Legal aid cyber attack: Law Society calls for 'immediate' action as SILAS goes live. Retrieved from https://www.lawgazette.co.uk/news/legal-aid-cyber-attack-law-society-calls-for-immediate-action-as-silas-goes-live/5177894.article
[4] BBC News. (2023, May 5). Legal aid cyber attack: 'Fragile' systems 'years in the making'. Retrieved from https://www.bbc.co.uk/news/uk-65176030
[5] Sky News. (2023, May 10). Legal aid cyber attack: Ministry of Justice minister says system was 'neglected and mismanaged'. Retrieved from https://news.sky.com/story/legal-aid-cyber-attack-ministry-of-justice-minister-says-system-was-neglected-and-mismanaged-12595939
- The cyber attack on the UK's Legal Aid Agency in April 2023, which exposed personal data of over 2.1 million people, highlights the critical need for improved cybersecurity certification in technology systems, especially those handling sensitive general-news and crime-and-justice information.
- The attack, which affected the agency's systems for an extended period, underlines the potential financial and operational consequences of cybersecurity breaches in technological infrastructure, particularly for institutions like legal aid firms.
- Following the data breach, the Ministry of Justice minister, Sarah Sackman, called for improved cybersecurity measures and blamed years of neglection and mismanagement by the previous government for the vulnerabilities that enabled the attack, suggesting a need for stricter oversight and budget allocation in this area.
