Legal aid data breach
Discussion
https://www.theguardian.com/law/2025/may/19/signif...
"A Ministry of Justice source put the breach down to the “neglect and mismanagement” of the previous government, saying vulnerabilities in the Legal Aid Agency’s (LAA) systems have been known for many years."
How bad must the security on these sites be, I wonder what organisation is next?
Mr Penguin said:
A lot of hacks and data breaches going on at the moment. Are they all connected?
It's not really an "at the moment" thing, data breaches are disgustingly common, only the really big ones get reported on in the national press. The "regular" ones are reported on quite frequently by the tech press.
geeks said:
It's not really an "at the moment" thing, data breaches are disgustingly common, only the really big ones get reported on in the national press. The "regular" ones are reported on quite frequently by the tech press.
Quite...if you are bored check out the ICO website, they post details of action they've taken against companies for data breaches.
ozzuk said:
Quite...if you are bored check out the ICO website, they post details of action they've taken against companies for data breaches.
Interesting site. Not that many fines / enforcements really given how much skulduggery goes on with unsolicited calls and such. Probably because call originates overseas?
Fines are eye watering though. Some £200K
https://ico.org.uk/action-weve-taken/enforcement/
Yes. I am bored
55palfers said:
ozzuk said:
Quite...if you are bored check out the ICO website, they post details of action they've taken against companies for data breaches.
Interesting site. Not that many fines / enforcements really given how much skulduggery goes on with unsolicited calls and such. Probably because call originates overseas?
Fines are eye watering though. Some £200K
https://ico.org.uk/action-weve-taken/enforcement/
Yes. I am bored
The Legal Aid breach is extremely worrying. The opportunity for extortion and blackmail is enormous.
- Threats to Domestic Abuse victims that their details will be sent to their abuser.
- Witnesses to crimes.
- Those accused, but not charged/convicted, of crimes.
Regardless, such data breaches enable criminals to target vulnerable people to rob them or commit fraud using their details
But it's ok you can trust the Government's backdoors into encrypted data wouldn't get hacked.
Countdown said:
I do often wonder what would happen if companies didn't self-report data breaches to the ICO.... 
In general, the ICO's punishments are not that draconian. Follow their guidelines and act in good faith and you generally receive a requirement to change some procedure. Failures of protection against well-funded and probably state-sponsored hacking are a fact of business life and, if you've documented the methods you used, and the procedures you followed when you first noticed the data breach, then, assuming you followed their advice, it is little more than a slap on the wrist.
Act deliberately outside the guidelines, especially in self-interest, including not reporting a data breach, then you are hit. If information is released and the ICO's investigations reveal the source, which has happened, then maximum fines are the norm.
Send out spam emails in bulk, or make telephone calls, particularly via automated systems, and they'll make your eyes water. And quite rightly.
The site is a mass of guidelines, and tick box instructions. Don't follow them at your own risk. I've contacted them in the past with questions and the replies have been prompt, clear and easily followed.
Rivenink said:
So they should be.
The Legal Aid breach is extremely worrying. The opportunity for extortion and blackmail is enormous.
- Threats to Domestic Abuse victims that their details will be sent to their abuser.
- Witnesses to crimes.
- Those accused, but not charged/convicted, of crimes.
Regardless, such data breaches enable criminals to target vulnerable people to rob them or commit fraud using their details
But it's ok you can trust the Government's backdoors into encrypted data wouldn't get hacked.
Your last sentence illustrates the complete shallowness of government understanding of people and IT. Scary.