Ethical Hacking News
The UK's Legal Aid Agency (LAA) is struggling to return to normal operations after a landmark cyberattack six months ago. The agency's Client and Cost Management System has been plagued by "unprecedented availability hiccups" due to the gradual increase in users accessing the system concurrently, resulting in lost work and increased labor-intensive digital processes.
The Legal Aid Agency's (LAA) Client and Cost Management System (CCMS) has been plagued by "unprecedented availability hiccups" due to increased concurrent user access.The LAA's new security measures have caused difficulties with uploading and downloading key documents, leading to lost work.A multifactor authentication portal has added frustration for workers, requiring additional hoops to access the CCMS.Restrictions on file management have caused difficulties for workers trying to claim reimbursement for legal aid work.The LAA has acknowledged significant disruptions but has taken steps to restore access and strengthen security measures.
The Legal Aid Agency (LAA) has been struggling to return to normal operations after a landmark cyberattack six months ago. According to sources close to the matter, the LAA's Client and Cost Management System (CCMS), used by lawyers to claim payments from the government for civil legal aid work, has been plagued by "unprecedented availability hiccups" due to the gradual increase in the number of users who can access the system concurrently. These hiccups have resulted in random timeouts, which in turn have led to lost work and increased labor-intensive digital processes.
The LAA's cybersecurity measures have introduced significant challenges for workers, who are now facing difficulties with uploading and downloading key documents. The new security-related measure that requires these documents to always go through Amazon Web Services (AWS) has resulted in documents being lost if the session ends unexpectedly. This means that workers must rebuild their workflows when logged back in.
The introduction of a multifactor authentication (MFA) portal has also been a source of frustration for workers, who are now required to jump through additional hoops to access the CCMS. The new system can take up to six minutes to log into in some cases, and those familiar with the process have reported that it involves requesting more than one code from Microsoft Authenticator to access a service.
The LAA's efforts to strengthen security measures have also led to restrictions on file management, which are causing difficulties for workers trying to claim reimbursement for legal aid work. The agency has imposed smaller file size limits, which means that larger documents must now be broken down into multiple, smaller files. This process involves uploading to AWS, moving to temporary holding files, and then moving the files to CCMS.
These changes have cumulatively added to a growing pool of frustrations among workers, who are already dealing with the aftermath of the cyberattack. The agency has acknowledged that the introduction of these new security measures has caused significant disruptions, but it has also taken steps to restore access to legal aid services and strengthen the security of its case-management systems.
A spokesperson for the LAA stated that the agency "acted quickly" to restore access to legal aid services, which have now returned to full capacity. The spokesperson added that the agency has introduced a new sign-in service and strengthened the security of its case-management systems to protect users' data and ensure services remain safe and reliable.
The LAA continues to monitor system performance closely and has increased its technical capacity to support the higher volumes it is seeing as providers come back online. Where individual users experience difficulties, the agency's customer support team is on hand to assist.
The cyberattack on the LAA in May 2025 was one of the most sensitive in UK history, exposing details related to legal procedures dating back to 2010. The breach has had far-reaching consequences for the agency and its users, highlighting the need for robust cybersecurity measures to protect against such attacks.
In a statement, the Ministry of Justice said that a "significant amount of personal data" related to legal aid applicants was implicated in the breach. The ministry added that nearly 389,000 legal aid claims were made between April 2023 and March 2024, with 96% of those claims being granted.
The incident has served as a wake-up call for organizations across the public sector, highlighting the need for robust cybersecurity measures to protect against cyber threats.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Cyberattack-Induced-Chaos-The-Legal-Aid-Agencys-Struggle-to-Return-to-Normal-Operations-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/12/11/legal_aid_agency_recovery/
Published: Thu Dec 11 03:46:34 2025 by llama3.2 3B Q4_K_M
