Legal Aid Agency cyber security incident: what you need to know
The Legal Aid Agency (LAA) has been managing a cyber security incident, which involves an attack on the Agency’s digital services. These digital services are used by legal aid providers, such as law firms, to log their work and receive payment from the Government.
The Legal Aid Agency now has a better understanding of the severity of the attack and is asking legal aid providers and clients to take action to safeguard themselves.
Legal Aid Agency data breach: what’s happened?
The Legal Aid Agency has suffered a cyber attack. A cyber attack happens when there is an unauthorised action against a digital system, such as a computer, phone or online account.
A cyber attack (also known as a data breach) might involve someone or a group stealing your information (e.g. passwords and bank details), crashing a website to cause disruption and/or locking files and demanding money to unlock them (also known as ransomware).
The LAA believes that the group behind their attack has accessed and downloaded a significant amount of personal data from those who have applied for legal aid through their digital service since 2010. This data may include:
- Contact details of applicants
- Applicants’ dates of birth
- Applicants’ criminal history
- The employment status of applicants
- Applicants’ financial data, e.g. debts
The Agency is working with the National Crime Agency and the National Cyber Security Centre to manage any further risks. They have also taken down their online portal.
If you need to access your LAA account or details, you can call their customer service number: 0300 200 2020.
What you need to do if you’ve applied for legal aid since 2010
If you are one of our clients who has applied for legal aid for your family law matter (including children law and domestic abuse), your solicitor may have already informed you of the data breach and advised you on what to do next. However, as this cyber attack affects legal aid applicants as far back as 2010, you may not have been contacted.
If you have applied for legal aid since 2010, whether yourself or through a third party such as a solicitor, here’s what you need to do to protect yourself:
- Change your password if you use the same one for the Legal Aid Agency as anywhere else.
- Stay alert for suspicious activity, such as phone calls and messages from unknown numbers (if you cannot verify their identity, hang up).
- Look out for official-sounding messages about ‘resetting passwords’ or ‘missing deliveries’ and do not take any action you are asked to, unless you are sure they are from a legitimate source and you are expecting them.
- Watch out for emails or messages asking you to take quick action; remember: if your bank or another official provider needs you to take quick action, they will phone you and will never ask you to supply personal information via email or message.
- Check your online accounts to confirm there has been no unauthorised activity, especially if you use the same password for your LAA account. Red flags include:
- Being unable to log into your accounts
- Changes to security settings
- Attempted logins from different locations or at unusual times
Find out more about protecting yourself from the impact of data breaches here
Further information
If you are concerned about how the Legal Aid Agency cyber attack might affect an existing legal aid application you have with Barcan and Kirby, contact your usual solicitor or call us on 0117 325 2929.