The United Kingdom’s Legal Aid Agency (LAA) has confirmed that a cyber attack is more serious than before, hackers have stolen a large contingent of data sensitive data in data breech.
This confirmation of the data breech incident comes from the UK government, which was closely involved in those investigations after initial disclosure.
The LAA is an executive agency of the UK Ministry of Justice, who is responsible for giving legal aid as advice, representation and justice for those who cannot pay for it themselves.
The eligibility for legal aid is related to the qualification of the case with the income and assets of the recipient, the law, housing, loan, immigration, mental health and criminal law.
Earlier this month, the agency revealed that it faced a security incident where limited financial information could be revealed.
An update published in a portal of the UK government has a more strict picture of the situation, stating that large amounts of data, dating from 2010 and then, can be compromised.
“On Friday 16 May, we came to know that the attack was originally wider than being understood and the Group behind it reached a large amount of information related to the legal aid applicants,” Reads the announcement,
“We believe that the group has access and download an important amount of personal data from those applying for legal aid through our digital service since 2010.”
The data that can be exposed contains applicants
- Contact details
- Date of birth
- National ID number
- Criminal history
- Employment Status
- Contribution amount, loan and payment
The UK government advises all the applicants to be cautious for the efforts of possible scam. It recommends verification of all communications before sharing any sensitive information with the other side.
Jane Harbotal, Chief Executive Officer of the Legal Aid Agency, apologized for the situation, stating that he “sorry that this has happened,” and promises to provide more updates soon.
Meanwhile, all the LAA systems have been secured with the help of the National Cyber Security Center (NCSC), and the online application service has been temporarily taken offline.
The phenomenon came at a time when the UK retailers such as co-ups, harods, and Marx and Spencer (M&S), dealt with frightening attacks, were believed to have been done by danger actors associated with scattered spider, who tried to deploy the Dragonforce ransomware on the compromised networks.
It is not clear that the LA incident is related to attacks that according to Google Security Researchers, now have gone to target the US.
Based on the analysis of 14M malicious tasks, search for the top 10 MITERAT & CK techniques behind the 93% attacks and how to defend them against them.
