The Legal Aid Agency (LAA) has been hit by a cyber attack that may have compromised personal data from anyone who applied for legal aid via its digital service over the last 15 years. This service is a key support for people needing civil and criminal legal assistance across England and Wales.
They discovered the breach on April 23, 2025. Immediately, they took their online services offline. Working with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC), their IT team acted fast to improve system security while reaching out to affected legal aid providers.
At first, they thought only legal aid providers were impacted. But by May 16, investigators found that attackers had accessed sensitive data on legal aid applicants dating back to 2010. This data includes details like contact information, birthdates, national ID numbers, and even financial records.
LAA CEO Jane Harbottle expressed deep regret over the situation. She recognized how unsettling this news is for those affected and reassured everyone that her team is working tirelessly to enhance security. Given the seriousness of the breach, the agency decided to shut down the online service to protect users.
Harbottle emphasized the agency’s commitment to ensuring that individuals still receive the legal support they need during this disruption. They also urged anyone who applied for legal aid since 2010 to take measures to protect themselves, as the nature of the compromised data could be targeted by scammers and fraudsters.
There’s no information yet on whether this incident involves ransomware. Experts suggest that determining the exact nature of the breach is critical. It could range from early detection of ransomware to straightforward data theft. Understanding the nature of this attack is essential for evaluating broader implications for government digital security.