Latest news with #Legal Aid Agency
Times
2 days ago
- Times
Hackers threaten to publish legal aid files unless member is freed
A group of hackers who stole more than two million records from the Legal Aid Agency have threatened to publish the information unless one of their members is 'freed'. Members of the ShinyHunters cybercrime group made the threat on a new Telegram channel, marking the first public claim for the attack on the agency, which happened in April. The group said in the Telegram post that if the Ministry of Justice (MoJ) did not 'free' an individual, whom The Times is choosing not to name, by 6am on Monday 'we will leak all the GitHub repositories and the Legal Aid Agency Ministry of Justice database'. The threat did not appear to have been carried out as the deadline passed. The hack has caused chaos in legal circles and the data stolen is highly personal, including criminal history and financial information, such as debt and payment records. Large parts of the legal aid system remain offline, leading some barristers to say they are not being paid. The group demanded about £1.5 million in bitcoin as a ransom from the MoJ, but the public sector does not pay cybercriminals and will soon be prevented from doing so by law. The hackers on Telegram appeared to try to confirm who they were by publishing an injunction taken out on them by the MoJ to prevent publication of the stolen data. ShinyHunters has been linked to a wave of recent hacks on Qantas, Allianz Life, LVMH, Adidas and Google. In particular, it has been targeting client relationship data that companies hold and manage via Salesforce software. Hackers pretend to be a member of IT support for the company and convince a member of staff to install a piece of software that looks like an official Salesforce app. However, it is a piece of malicious software that extracts data. In June, Google Threat Intelligence appeared to anticipate the new channel, saying: 'We believe threat actors using the 'ShinyHunters' brand may be preparing to escalate their extortion tactics by launching a data leak site. These new tactics are likely intended to increase pressure on victims.' The ShinyHunters' tactics resemble the methods used by Scattered Spider, a group that has been accused of carrying out retail hacks on Marks & Spencer, Co-Op and Harrods. Four people have been arrested in connection with retail hacks. The two groups have been linked by security experts because they appear to have some common members and are part of a loose collective of cybercriminals known as The Com. ShinyHunters has also been linked to the recent hack on Ticketmaster and other large companies that were using Snowflake, the data storage firm. The MoJ was approached for comment.
Sky News
06-05-2025
- Business
- Sky News
Legal Aid Agency hit by cyber security incident
The government agency responsible for overseeing billions of pounds worth of legal funding has been hit by a cyber security incident. The Ministry of Justice (MoJ) said it is working with the National Crime Agency and National Cyber Security Centre to investigate the data breach. In a letter sent to law firms last week, which has been seen by Sky News, the Legal Aid Agency (LAA) warned it had identified a "security incident". The organisation, which provides legal aid in civil and criminal cases in England and Wales, said "it is possible that financial information relating to legal aid providers may have been accessed by a third party". The LAA said it could not confirm "what, if any, information was accessed", but said it was "possible that payment information may have been accessed". There are nearly 2,000 providers, including solicitors' firms, barristers, not-for-profit organisations and telephone operators, contracted to deliver legal aid services in England and Wales, according to government data. The LAA, which is an executive agency, sponsored by the MoJ, is responsible for administering legal aid funding, which was around £2.3bn in 2023/24. Law firms are an attractive target for cyber attacks because they hold sensitive client information and handle large sums of money. "This incident is being investigated in accordance with our data security processes, and action has been taken to mitigate the incident," the letter said. "I would like to offer our sincere apologies for any concern this may cause you. "The LAA takes the security of the information we hold seriously, and we understand the potential impact any breach can have on you." The public body's head office is in London but it has others in towns and cities across England and Wales and employs around 1,250 staff. An MoJ spokesperson said: "We take any data breach extremely seriously and have already taken action to bolster the security of the legal aid system. "We're working with the National Crime Agency and National Cyber Security Centre to investigate the situation, and it would be inappropriate to comment further at this stage." A National Crime Agency spokesperson said: "We are aware of a cyber incident affecting the Legal Aid Agency. "NCA officers are working alongside partners in the National Cyber Security Centre and MoJ to better understand the incident and support the department."
