Following her earlier message of 21 May, Beth Quinn at the Law Society has provided a further update on their response to the Legal Aid Agency (LAA) data breach, which came to light on 19 May.

The Law Society has been actively engaging with the LAA to minimise the fallout for legal aid providers and their clients and continues to keep members informed as new information becomes available.

Ongoing Engagement and Member Advocacy

President Richard Atkinson is leading the Law Society’s efforts, which include daily contact with the LAA to raise member concerns and push for urgent remedial action. As a result of sustained pressure, the LAA has:

• Reinstated monthly payments for legal help and crime lower work
• Arranged for the payment of Crown Court bills
• Established a contingency process for certificated work
• Agreed to engage with HM Revenue & Customs to seek support for firms facing VAT and tax payment deadlines
• Implemented contingency arrangements for payments on account of solicitors’ costs and disbursements in civil matters

The Law Society is also making strong representations to Ministry of Justice ministers, MPs, and the media about the severity and impact of the situation.

Ongoing Priorities and Expectations

The Law Society has made clear that the legal aid system cannot function without immediate action from the LAA. Its expectations include:

Immediate priorities

• Restoring processes for applications in criminal and urgent civil/family cases
• Developing contingencies for urgent applications for amendments and prior authority

Short-term requirements

• Restoring payments on account of solicitors’ costs and disbursements
• Reinstating routine processes for legal aid applications and amendments
• Communicating clearly with providers about the extent of the data breach and next steps

Longer-term commitments

• Proposals for compensating providers for financial loss and distress
• Investment in IT infrastructure and continuity planning
• A review of data retention policies, including the justification for holding data back to 2010

For the latest operational information and guidance, members are encouraged to visit the LAA’s dedicated cyber-attack page:

https://www.gov.uk/guidance/legal-aid-agency-cyber-security-incident?utm_source=legal_aid&utm_medium=email&utm_campaign=legalaid_newsletter_05%2f30%2f2025&sc_camp=5E8170BEA62C436F834530726720D4B8

If you have any questions or concerns, please don’t hesitate to contact the Society.