Guidance

Legal Aid Agency cyber security incident: frequently asked questions

Frequently asked questions about the Legal Aid Agency cyber security incident.

• From: Ministry of Justice and Legal Aid Agency
• Published: 22 May 2025
• Last updated: 30 May 2025 — See all updates

Client data breach

Who might have been impacted by this breach? 

We believe the group has accessed and downloaded a significant amount of personal data from those who applied for legal aid through our digital service since 2010.

This data may have included contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments.

What provider information has been breached?

We communicated to legal aid providers on 30 April that we believe that some financial details of providers may have been exposed including bank account numbers and sort codes. We have recommended providers remain vigilant for any unusual activity on their accounts.

What steps should I take to protect myself? 

We would recommend anyone who believes they could be involved in this data breach to take steps to protect themselves. This includes being alert for any suspicious activity, messages or phone calls and taking steps to update passwords. If in doubt about anyone you are communicating with online or over the phone, to verify their identity independently before engaging further with them. The National Cyber Security Centre’s webpage contains information on how to protect yourself from the impact of a data breach. The webpage can be found at https://www.ncsc.gov.uk/guidance/data-breaches.  

Are provider IT systems at risk?

There is no direct risk. There is no direct connection from LAA systems to any provider system – it is a one-way provider to LAA connection only.

Do legal aid providers need to contact clients?

There is no contractual obligation on providers to report this incident to the ICO or to inform clients. The data impacted by this incident is either owned by the LAA or is considered Shared Data within the definition of the contract. The contract at clause 16.3 of the standard terms sets out that the responsibilities of the data controller will be exercised by the party in possession of the data – in this case by MoJ as the data controller for LAA. MoJ has notified the ICO of the incident, and has notified data subjects through the public announcement on GOV.UK on 19 May. 

Legal aid operations and communications

How should I bill Legal Help escape cases?  

Providers should continue to submit escape fee claims via Galaxkey and email. These will continue to be processed by LAA for payment under the normal timeline. Providers can continue to submit escape fee claims if they have not been uploaded onto CWA due to the portal outage.   

Are there any issues with Qualified Legal Representative (QLR) claims? 

No, the Qualified Legal Representative scheme is unaffected and claims can be submitted as normal. 

How can I progress ECF controlled work applications?  

You can continue to submit ECF controlled work applications in the usual way. For urgent cases, please contact us on ContactECC@justice.gov.uk. In circumstances where you would ordinarily use CCMS, please submit an urgent application using the appropriate application forms and submit to this email address. Guidance on the forms to use is available at this link: Legal aid: apply for exceptional case funding

How can I make claims for Payments on Account (POAs) and final claims? 

Due to the current portal outage, the LAA is unable to process claims for payment, including POAs in the usual way. The Average Payments for Civil Representation contingency scheme has been calculated to include any POA payments or interim/final bill payments that a provider or member of the independent Bar would otherwise has received.  

More information on how the scheme, including how it is calculated, and what to do if you do not believe it is appropriate for you, is available here: Contingency Payment - Providers Guide 

Where we have a new client and urgent work needs to be carried out and we need to decide whether to apply for an Emergency/ Substantial application, what do we do?  

Under Current contingency arrangements, if the provider has a new client and there is urgent work they should exercise Delegated Functions if reasonable to do so and start the work required, this application should be uploaded through CCMS when access is restored to the portal. We are waiving the need for providers to submit the application to us within 5 working days. 

If providers are unable to exercise Delegated Functions the provider should contact the LAA CST team to explain the urgency and why they cannot use delegated functions to obtain a contingency reference number, they will then be advised to submit the relevant application form and email it to ContactCivil@Justice.gov.uk quoting the contingency reference number, where they will receive a decision by return email.  

Where a client has a Final Hearing and we are unable to amend their certificate to include the Final Hearing scope, will this be honoured and the Final Hearing be covered later?    

Providers are able to submit the amendment for a decision at a later date and we’ll exercise the backdating provisions. 

If the provider wants the LAA to make the decision, if they are unsure of the merits criteria is being met they should contact the LAA CST team to explain the urgency to obtain a contingency reference number, they will then be advised to submit the relevant application form and email it to ContactCivil@Justice.gov.uk where they will receive a decision by return email. Providers in these circumstances should try and provide a copy of their most recent certificate, any reports or evidence to support coverage to Final hearing.   

Why is the Portal offline? 

A message updating providers on the position was sent on Monday, 19 May. Following the planned weekend outage last week the decision was taken to keep the Portal offline at this time. Providers will receive a further update on access to the system on Thursday 22 May. 

Why did two payments appear in my account w/c 19 May?

Following the extended downtime of the LAA Portal on 8 and 9 May, the LAA worked hard to process as much of the backlog as possible to ensure providers received the payments they are due. To do this it is was necessary to undertake two payment runs.

What bills will be paid in the payment run for on 27 May?

Civil Representation and Crown Court Bills authorised up to Friday, 16 May.

Can I submit claims for crime VHCCs? 

Yes, please submit your claim as usual to your Case Manager.  VHCC claims are able to be assessed and paid via a contingency route. 

Are Central Fund claims impacted? 

The central funds claimed assessed and administered by the LAA are not impacted.  Please submit as usual.   

Is Secure File Exchange via Galaxkey still operational? 

Yes, the Secure File Exchange, via Galaxkey is operating as normal.

I did not receive the email notification, why not?  

All providers and barristers registered on the portal were sent the message. Please check whether your spam filters have blocked incoming emails from the LAA. You will need to ensure you are able to receive messages from communicationsdepartment@justice.gov.uk and legalaidbulletin@labulletin.org.uk to ensure that you receive future correspondence. Alternatively, please speak to your LAA Contract Manager in the first instance if you think you are not receiving LAA emails to ensure that your correct details are on file. 

Can I correspond with the LAA by email? 

Yes, there is no concern with email communication.

Will the LAA provide a set of communications for legal aid practitioners that they can give to clients if they are contacted?

Guidance for clients and providers is available at Legal Aid Agency cyber-security incident - GOV.UK.

We have recently received a payment run from the LAA for criminal legal aid fees, but the reconciliation notification did not come through afterwards. What is the latest update on that situation?

There has been a one day delay in posting remittance advice for the payment run on Tuesday 27 May, but otherwise they will be arriving by DX or Royal Mail as usual. If a provider still has a query about a payment they have received they can contact paymentinformation@justice.gov.uk who will be able to provide remittance advice. 

Should providers continue to submit claims for Advocates Graduated Fee Scheme claims in criminal defence Crown Court cases, which uses a different portal?

CCCD remains available, please do continue to submit claims there. The LAA will be able to process these when internal systems are available.

How does the current incident impact on HLPAS payments?

HLPAS payments will be paid as normal. Claims made as part of the CWA contingency submission on Tuesday 20 May will be paid on or before Thursday 29 May.

Claims made on spreadsheet can continue to be submitted in the usual manner. Your payment will be picked up on the next payment run after receipt and processing which may result in you receiving your payment earlier than you currently do.

Should clients continue to make contributions?

Contributions for existing certificates will continue as normal, however, it would be appreciated if clients could be advised to take particular care to provide valid payment references such as Case ref, CCMS account number or invoice number. 

Published 22 May 2025

Last updated 30 May 2025 + show all updates

1. 30 May 2025

   Updated 'Legal aid operations and communications' section of FAQ.

2. 29 May 2025

   Frequently asked questions have been updated.

3. 27 May 2025

   More FAQs have been added.

4. 23 May 2025

   More FAQs have been added.

5. 22 May 2025

   First published.