The Legal Aid Agency became aware of a cyber-attack on in April 2025. By May, it became clear that the breach was far more extensive than expected, with the incident potentially affecting everyone who accessed legal aid through digital platforms since 2007.

Since the breach, the government has admitted the Legal Aid Agency IT software was not fit for purpose and has been extremely vulnerable to attack for years. The data illegally accessed could include incredibly sensitive information, such as names, contact details, national insurance numbers, criminal history and employment and financial details.

We aim to hold the Legal Aid Agency to account for their failings.

KP Law is the law firm dealing with your claim against the Legal Aid Agency. We are representing thousands of individuals who have had their data compromised as a result of the Legal Aid Agency’s cyber incident.

When you signed up to the claim (either on jointheclaim.com or legalaid.databreachadvisors.co.uk) you would have seen KP Law’s terms and conditions as part of the registration process.

KP Law is a leading group action law firm. Our team of experienced data breach lawyers has successfully held multiple organisations accountable for failing to protect individuals’ information. We are authorised and regulated by the SRA.

For this claim KP Law is acting under a Conditional Fee Agreement (CFA) – commonly referred to as a No Win, No Fee arrangement. This means, as long as you have upheld your obligations, there will be nothing for you to pay in the event your claim is unsuccessful. If we are successful in securing you compensation, then our ‘success fee’ is calculated as a percentage and deducted from the compensation you are awarded.

During the registration process you would have seen and signed a Conditional Fee Agreement (CFA) which provided further details of this, and you should have received a copy of this via email. If you are unable to locate this, please let us know.

Once you have registered you will receive an email from enquiries@kpl.co.uk. Please make sure you check your spam/junk folder for this. You can also add this to your ‘safe sender’ list to make sure you don’t miss it.

This email will let you know what you need to do next. In most cases, this will be sending us further information about yourself (including the approximate month/year you applied for legal aid), evidence that you received Legal Aid and filling in an online form to let us know how the data breach has impacted you.

We understand that when you have experienced a data breach you may feel nervous about sharing your details. Please rest assured that KP Law only requests the information truly needed to progress your matter and is committed to the highest standards of information security.

If you applied for legal aid in England or Wales at any time between 2007 and May 2025 then you may have been affected. Please note that Legal Aid did not notify individuals following this breach.

We will need evidence that you received/applied for legal aid and there are a number of documents you may have. This could include a copy of your legal aid application, a letter from your legal representative confirming your application or copies of any direct contact you have received from the Legal Aid Agency.

However, we understand that this issue dates back many years, and you may no longer have access to supporting documents.

Please note, these do not need to be physical documents – we expect most of the information available will be copies of emails.

We understand that this issue could date back many years, and as a result you may not have access to supporting documents.

However there are a number of documents that you may hold that could be used as supporting evidence in your claim. This could include a copy of your legal aid application, a letter from your legal representative confirming your application or copies of any direct contact you have received from the Legal Aid Agency.

Please note, these do not need to be physical documents – we expect most of the information available will be copies of emails.

Unfortunately, we are not able to contact your legal representative on your behalf.

We will keep you up-to-date on the progress of your claim regularly.

Unfortunately, claims this large can take some time to resolve so there may be some periods of time where we do not have a significant update to share, but we are committed to moving forward as efficiently and effectively as possible to get you the justice you deserve.

If you have received legal aid you would likely have received confirmation from the Legal Aid Agency or from your legal representative.

Legal aid is financial assistance to help cover legal costs. More information about the areas of law covered by legal aid is available on the government website.

KP Law is a leading group action law firm. Our team of experienced data breach lawyers has successfully held multiple organisations accountable for failing to protect individuals’ information. We are authorised and regulated by the SRA.

For this claim KP Law is acting under a Conditional Fee Agreement (CFA) – commonly referred to as a No Win, No Fee arrangement. This means, as long as you have upheld your obligations, there will be nothing for you to pay in the event your claim is unsuccessful. If we are successful in securing you compensation, then our ‘success fee’ is calculated as a percentage and deducted from the compensation you are awarded.

During the registration process you would have seen and signed a Conditional Fee Agreement (CFA) which provided further details of this, and you should have received a copy of this via email. If you are unable to locate this, please let us know.