The Ministry of Justice (MoJ) was hit by a massive cyberattack that is thought to have stolen millions of pieces of personal data from legal aid applicants.
The national insurance numbers, criminal records, employment status and other personal data of Legal Aid Agency applicants were breached earlier this year, according to the government department.
The government became aware of a cyberattack on the Legal Aid Agency’s online digital services on 23 April, but realised on Friday that it was more extensive than originally thought.
Here, The Independent takes a closer look at the type of data stolen and what applicants should do if they suspect their information could have been leaked.
What kind of data has been stolen?
The group behind the cyberattack said it stole 2.1m pieces of data from legal aid applicants who have used the Legal Aid Agency’s online service since 2010.
The stolen information could include contacts’ details and addresses, dates of birth, national ID numbers, criminal history, employment status and debts, according to the MoJ.
What to do if your data has been stolen
Although it is hard to know if your data has been breached, the MoJ has urged all legal aid applicants to take steps to “safeguard themselves”.
It said applicants should be alert for any suspicious activity, including unknown messages or phone calls, and update any potentially exposed passwords.
The department also said applicants should take extra care when providing information to people over the phone or online, and to verify their identity independently.
What is the MoJ doing about the cyberattack?
Jane Harbottle, chief executive officer of the Legal Aid Agency, apologised for the breach and said the service had been taken down.
“We have put in place the necessary contingency plans to ensure those most in need of legal support and advice can continue to access the help they need during this time,” she said.
The MoJ said it was working with the National Crime Agency and National Cyber Security Centre to investigate the attack.
