Asked by: Nick Timothy (Conservative - West Suffolk)
Question to the Ministry of Justice:
To ask the Secretary of State for Justice, what steps his Department has taken to restore Legal Aid Agency digital services since the data breach on 23 April 2025.
Answered by Sarah Sackman - Minister of State (Ministry of Justice)
We acknowledge and appreciate the constructive way that providers have worked with us following the serious criminal attack on the Legal Aid Agency’s (LAA) digital systems. They have continued to do vital work in challenging circumstances.
The LAA and Ministers have proactively engaged with representative bodies throughout to address any concerns regarding the criminal attack on LAA systems. Our focus was first to maintain access to justice and then to ensure providers had access to the cash flow that they needed. The LAA sought views and feedback from provider representative bodies to help shape contingency measures and supporting guidance in a way which supports legal aid providers most effectively. Regular updates have been provided to legal aid providers via email and published on the LAA’s dedicated cyber incident webpage and FAQ page.
The Department has worked around the clock to ensure that digital services were restored as swiftly and safely as possible. The LAA Portal has been replaced by a new, secure single sign-in tool for LAA online services (SiLAS). We worked closely with providers to test functionality before bringing providers back onto our systems in a careful, phased approach. We are now in a position where all our civil systems accessible via SiLAS are operational alongside our crime systems, which were restored in September.
Asked by: Gregory Campbell (Democratic Unionist Party - East Londonderry)
Question to the Ministry of Justice:
To ask the Secretary of State for Justice, how many perpetrators of cyber crime were (a) prosecuted and (b) convicted in (i) 2022, (ii) 2023 and (iii) 2024.
Answered by Jake Richards - Assistant Whip
There are no offences specifically defined in legislation as “cyber crime,” however the Computer Misuse Act 1990 has a number of offences that could be considered as such.
The Ministry of Justice routinely publishes data concerning prosecutions and convictions available here: Criminal Justice Statistics.
Asked by: Richard Holden (Conservative - Basildon and Billericay)
Question to the Ministry of Justice:
To ask the Secretary of State for Justice, what assessment he has made of the potential impact of the cyber-attack on the Legal Aid Agency’s digital systems on the finances of legal aid firms; how many providers have received (a) partial and (b) emergency contingency payments since that incident; and what additional financial support he plans to provide to firms undertaking legal aid work without payment.
Answered by Sarah Sackman - Minister of State (Ministry of Justice)
We acknowledge and appreciate the constructive way that providers have worked with us following the serious criminal attack on the Legal Aid Agency’s (LAA) digital systems. They have continued to do vital work in challenging circumstances.
From the outset the LAA has consulted with providers and provider representative bodies to understand their concerns. These consultations confirmed that maintaining cash flow was a key priority and we immediately took steps to ensure that providers had the cash flow that they needed.
For some types of legal aid this meant adjusting the way in which providers submitted their claim for payment to the LAA. From 19 May, providers have been able to claim their usual payments for Legal Help, Crime Lower & Mediation work via a contingency process. Due to previous investment, the criminal legal aid systems were more modern, and internal access was restored more quickly. This enabled the LAA to resume paying Crown Court bills from early June.
It was necessary to agree a payment contingency for Civil Representation work with HM Treasury. This led to the implementation of the Average Payment Scheme on 27 May. The Average Payment Scheme enables providers to opt in to receive a temporary average payment for Civil Representation work that would otherwise be due. Payments are made on a weekly basis. The weekly average payment is based on previous payments made to that provider over the preceding 3-month period. Some providers have not opted in to receive payment, but it is there should they need it.
As of 30 November, 2,045 advocates, and 1,206 legal aid provider offices have received payment through the Average Payment Scheme. As payments are calculated as a weekly average there is no scope or need to make a ‘partial’ or ‘emergency’ payment. However, there is, in addition, a simple escalation process in place to enable providers to request a payment in excess of the average amount offered to meet specific expenditure.
We are satisfied that providers have been able to access payment for work carried out whilst systems have been offline.
Asked by: Matt Vickers (Conservative - Stockton West)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps her Department is taking to help support police forces to tackle rising levels of online fraud and scams.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
The Government, working with City of London Police, has recently replaced Action Fraud with a new and improved national police reporting service for fraud and cybercrime. The new service (Report Fraud) went live on 4 December. Report Fraud will provide better intelligence to support police and other partners with responding to online fraud and scams.
In addition, the Government has completed recruitment of the National Fraud Squad (NFS) of specialist posts, led by the NCA and City of London Police. The NFS will take a proactive, intelligence-led approach to identifying and disrupting the most serious fraudsters operating in the online space and targeting the UK public.
The Home Office has also undertaken a comprehensive review of the fraud training and skills landscape - we will implement the recommendations from this to ensure officers have the right skillset to respond to online fraud and scams.
More broadly, under the Online Safety Act, companies in scope must now tackle fraudulent content at source, or face the possibility of significant fines from the regulator.
The Government will set out a comprehensive Fraud Strategy early in the New Year. It will include measures to both protect consumers and disrupt criminal networks and ensure that the UK remains the most difficult environment possible for fraudsters to operate in.
Asked by: Gregory Campbell (Democratic Unionist Party - East Londonderry)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, how many organisations and companies (a) reported cyber incidents in the last 12 months and (b) had adopted the Cyber Essentials scheme beforehand.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
While we do know which organisations are certified to the Cyber Essentials scheme, we do not hold data on whether they reported a cyber incident in the past 12 months.
We are confident that the controls are effective with insurance data indicating that organisations with Cyber Essentials are 92% less likely to make a claim on their cyber insurance than those without it.
That is why we have written to businesses and organisations encouraging them to use the Cyber Essentials scheme. We have been pleased with the positive feedback on this. The number of live certifications as of October 2025 was 54,678, representing an increase of 8,335 certificates on the previous 12 months (an 18% increase).
Asked by: Lord Wigley (Plaid Cymru - Life peer)
Question to the Department for Science, Innovation & Technology:
To ask His Majesty's Government what estimate they have made of the cost of cyberattacks to each subsector of the manufacturing industries for which they have data.
Answered by Baroness Lloyd of Effra - Baroness in Waiting (HM Household) (Whip)
Earlier this month, the government published a set of independent research reports quantifying the impact of cyber attacks on the UK economy. While the government does not hold sub-sectoral data, the KPMG report Economic Modelling of Sector Specific Costings of Cyber Attacks estimates the cost of cyber attacks to individual businesses, broken down by down sector and size.
The report estimates the manufacturing sector suffers some of the highest costs when compared to other sectors, with a significant cyber attack on a UK manufacturing organisation resulting in an average cost of £330,406. This estimate is based on simplified scenarios and generalised inputs to illustrate potential outcomes and should therefore be interpreted with caution.
The 2025 version of the government’s annual Cyber Security Breaches Survey finds that 48% of businesses in the utilities and production sector – which includes manufacturing businesses – suffered any kind of cyber breach or attack in the past 12 months. The survey does not include data on individual sub-sectors.
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Question to the Department for Science, Innovation & Technology:
To ask His Majesty's Government what assessment they have made of the Cyber Security Breaches Survey 2025 finding that over 40 per cent of UK businesses experienced a breach or attack in the past 12 months.
Answered by Baroness Lloyd of Effra - Baroness in Waiting (HM Household) (Whip)
The Cyber Security Breaches Survey shows the cyber threat is significant and it is critical businesses leaders take urgent steps to improve their cyber security. That is why the Government wrote to chief executives and chairs of leading UK companies recently asking them to make action on cyber security a top priority.
The Government has developed tools for businesses to protect themselves, including:
The Government is also taking action to protect the economy. The Cyber Security and Resilience Bill, introduced earlier this week, will boost our cyber defences and better protect our essential public services. Next year, we will publish a new National Cyber Action Plan setting out how Government will respond to the cyber threat and work with industry to raise resilience across the economy.
Asked by: Gareth Thomas (Labour (Co-op) - Harrow West)
Question to the Home Office:
To ask the Secretary of State for the Home Department, how many cases of alleged trustee mismanagement of asset protection trusts were recorded in the last three years by Action Fraud in a) Scotland b) London c) Suffolk and d) In total.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
The capturing of fraud reports is recorded in line with the Home Office Crime Counting Rules for fraud, which breaks fraud down into a range of codes. The information requested does not currently align to the crimes recorded in the Action Fraud data set.
The Home Office is working with City of London Police to replace Action Fraud with a new and improved national police reporting service for fraud and cybercrime. The new service will include capabilities to better track threat trends and enhanced search features for the report database.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what assessment has been made of police and enforcement capacity to investigate cryptocurrency-related crimes, including scams, ransomware payments, and illicit trading platforms.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
The UK government has strengthened UK policing capabilities to tackle cryptocurrency-related crime effectively.
Through the Economic Crime and Corporate Transparency Act (2023), law enforcement agencies (LEAs) gained new powers to seize illicit cryptoassets. As set out in the UK’s National Risk Assessment (NRA) of Money Laundering (ML) and Terrorist Financing (TF) 20251, this is supported by the recruitment of 475 new financial investigators across UK law enforcement, investment in advanced crypto forensic tracing technologies for LEAs, provision of specialist training for officers in crypto investigations and the creation of public-private operational crypto partnerships. Together, these measures enhance the UK’s ability to investigate cryptoasset crimes of all types and confiscate criminal proceeds.
This year LEAs also received £3.2m of additional funding through the Asset Recovery Incentivisation Scheme (ARIS) Top Slice grant to tackle crypto crime through innovative projects which further build capability within the LEA system. A further c£3.9m of funding is committed for next year. Monitored by the Home Office, these projects strengthen efforts to investigate and seize crypto attributed to crime.
The Home Office is developing legislative proposals to counter ransomware, which will provide law enforcement and operational partners with a robust evidence base and understanding of the ransomware payment landscape to support investigations and wider activity. The UK has led significant disruptions against ransomware gangs and their criminal ecosystem. In October 2024, we sanctioned 16 members of the prolific cyber-crime gang, Evil Corp, and in February 2025, UK sanctions targeted ZSERVERS, a prolific Russian cybercrime entity responsible for facilitating crippling ransomware attacks globally.
The Government will also soon publish a new fraud strategy designed to tackle all types of scams, including those involving cryptocurrencies.
1National risk assessment of money laundering and terrorist financing 2025 - GOV.UK
Asked by: Jo Platt (Labour (Co-op) - Leigh and Atherton)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what assessment her Department has made of the potential impact of amending the Computer Misuse Act 1990 on (a) coordination between law enforcement agencies and (b) effectiveness of the cybersecurity industry in disrupting cybercrime.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
The Government is conducting an ongoing review of the Computer Misuse Act. As part of the review, we are scoping several proposals to update the Act, including how we can better support legitimate cybersecurity researchers so they can operate within a clear and supportive legal framework, while maintaining robust safeguards.
Engagement, including with the cyber security industry, is underway to refine the approach and an update will be provided in due course.
We will continue to work closely with law enforcement agencies to ensure any changes to the Act protect their ability to successfully investigate cybercrime.