All legal support services firms can once again access government’s digital services following the agency’s completion of the implementation of new security platforms, as part of wider tech modernisation ambitions
Following a major cyberattack on the Legal Aid Agency last year, all providers affected by the incident have now completed the move to a new security system allowing them to access government portals.
Using the agency’s online portal, attackers first breached the LAA’s security on New Year’s Eve 2024. The incursion was discovered in April and, from May onwards, many digital services were shut down, as ministers admitted that criminals had also accessed a wide range of data, including information on legal aid providers as well as sensitive personal details of citizens that had applied for support over a 15-year period.
LAA began a phased return of services from September onwards and, in a recent update to parliament, courts minister Sarah Sackman said that, since then, “significant effort has been made to ensure that LAA systems could be restored as quickly and safely as possible, [and] platforms supporting crime applications and most crime billing have now been restored”.
She added: “The same is true for the main civil legal aid system and all legal aid providers have been onboarded to the LAA’s digital portal via a new identity management system. This means that the LAA has been able to close down most of the business continuity measures put in place in 2025. We will continue to assess the remaining contingencies as we restore outstanding internal processes and systems.”
Related content
- Minister: ‘Legal Aid Agency data breach enabled by fragility of IT systems’
- Legal Aid Agency looks to end ‘reliance on USBs and CDs’
- Legal Aid Agency chief admits difficulties understanding impact of cyberattack
The minister also told her colleagues that the recovery process had offered an opportunity to pursue modernisation of the agency’s tech infrastructure, and the services it supports.
“I recognise there is more to do to overcome the challenges the cyber-attack has created and that is why, in parallel to recovery, I have asked officials to consider options to accelerate our transformation programme to replace restored systems with modern, resilient, and flexible technology,” Sackman said.
Her comments echo sentiments expressed by Ministry of Justice chief digital and information officer Mark Thompson in an interview with PublicTechnology in September.
“[The attack] has been really disruptive but, actually, it ran alongside the development of us thinking about transformation,” he said. “So in some respects, it’s been quite helpful because it’s reinforced all our understanding [of the LAA] – and I have a much greater deal of understanding about how it works. And in order to try and restore some of these services, we’ve tackled things that we probably wouldn’t have tackled for years – things that we thought might take us three years and millions of hours to do – we’ve [tackled] through a combination of policy change and business change.”
