The group demanded that the UK justice ministry release of one of its members
The cybercrime group ShinyHunters has supposedly threatened to leak UK Legal Aid Agency records unless the justice ministry frees one of its members, reported the Law Society Gazette.
Per The Times, the group said on Telegram that if the anonymous member was not released by 6:00am on Monday morning [August 11], it would “leak all the GitHub repositories and the Legal Aid Agency Ministry of Justice database,” according to a snippet published by the Gazette. The group did not follow through although the deadline passed, and the Gazette reported that the legitimacy of the group’s posts could not be verified.
In a cyberattack discovered on April 23, ShinyHunters obtained over two million records from the LAA possibly dating all the way back to 2007. The information accessed included the data associated with applicants’ partners.
The agency’s portal was taken offline in May, which has resulted in lawyers being bogged down with additional administrative work. According to Jenny Beck, director of London family law boutique Beck Fitzgerald, her staff was processing applications and progressing cases through phones and paper.
“The only reason family legal aid survives is because some of the work can be done privately and firms cross-subsidise. On its own, family legal aid is entirely unsustainable. The data breach could be the final straw for practitioners,” Beck said in a statement published by the Gazette last month.
Per the Gazette, the portal may not be operational until September.
The hack is being investigated by the National Crime Agency, while the Commons justice select committee will review the LAA and justice ministry’s response in line with its major access to justice inquiry. An injunction has been implemented to block the use, publication or disclosure of the stolen data, and those who violate the injunction will be charged with contempt of court.
“We will not negotiate with criminals or engage with their ransom demands. It is illegal to share this data and anyone who does so could be sent to prison,” a Ministry of Justice spokesperson told the Gazette.
