HQ/EMEAFind out how we can help your business
The Legal Aid Agency (LAA) is the latest UK-based organisation that has allegedly suffered a cyberattack.
The affected entity, the UK’s Ministry of Justice, which oversees significant legal funding, has notified law firms about a potential cybersecurity breach, indicating that attackers may have gained access to financial information.
Approximately 2,000 providers, including barristers, solicitors, and non-profits, deliver civil and criminal legal aid in England and Wales under contracts with the LAA. The agency has 1,200 people and oversees the country’s Public Defender Service.
LAA is still uncertain about the alleged cyberattack’s effect on stored data.
In a message sent to law firms, the LAA indicated it could not verify if any data had been accessed. However, it recognised the possibility that payment information for legal aid providers may have been compromised.
In addition, the notification letter stated that the agency is investigating the situation according to its data security protocols and has already taken steps to mitigate its impact.
It emphasised its commitment to the security of its information and acknowledged the potential consequences of a data breach for those affected.
On the other hand, the UK National Crime Agency revealed that it works alongside the MoJ and the UK’s NCSC to investigate the incident and support the LAA’s ongoing response. It stated that its officers collaborated with NCSC and the Ministry of Justice (MoJ) partners to understand the event better and provide departmental assistance.
This incident occurred after several high-profile cyberattacks against Co-op, Harrods, and Marks & Spencer (M&S), three British retail chains.
The DragonForce ransomware group has claimed responsibility for all three assaults. Further research also confirmed that the same social engineering tactics were utilised to breach Co-op and M&S.
The NCSC has released guidance urging all UK organisations to adopt it to strengthen their cybersecurity resilience.
The agency has also warned that these cyberattacks should be a wake-up call for all UK businesses since any of them could be potential targets for threat actors trying to execute their malicious objectives.
