Hundreds of thousands of criminal, financial and personal records have been compromised in a major cyber attack on the UK’s Legal Aid Agency, raising serious questions about digital security in one of the country’s most sensitive justice systems.

What Is the Legal Aid Agency And Why Was It Targeted?

The Legal Aid Agency (LAA), part of the Ministry of Justice, provides funding for legal representation to individuals who can’t afford it. This includes people facing criminal charges, eviction, domestic abuse, or complex family matters. Each year, it processes hundreds of thousands of applications and manages payments to solicitors and legal providers across England and Wales.

However, behind this critical public function, the agency’s digital infrastructure was running on fragile systems that, according to critics, had been neglected for years. For example, the Law Society had previously warned that its technology was “too antiquated to cope”, a warning that now appears to have been tragically justified.

What Happened And How Did the Hackers Get In?

Officials first became aware of the cyber attack on 23 April, when the LAA’s online digital services began to show signs of compromise. At first, it was thought that only legal aid providers (i.e. solicitors and firms who use the system to log work and request payment) were affected.

However, further investigation revealed something far more serious. On 16 May, it was confirmed that the attackers had in fact accessed and downloaded a large volume of personal data belonging to legal aid applicants going back as far as 2010.

The data accessed (and probably downloaded) includes names, contact details, dates of birth, national insurance and ID numbers, employment status, criminal history, and sensitive financial data such as debt levels and payment records. Some reports even claim up to 2.1 million pieces of data may have been taken, though this has yet to be formally verified.

Who Was Behind the Attack?

The group responsible has not yet been officially identified, but officials have said they do not currently believe this was the work of a hostile nation-state. Instead, it appears to be the work of an organised criminal gang, possibly seeking to extort or sell stolen data for financial gain.

The Ministry of Justice has confirmed that the National Crime Agency and the National Cyber Security Centre are now investigating the incident, with assistance from the Information Commissioner’s Office. Meanwhile, the LAA’s online portal has been taken offline, and work has begun on building a replacement system.

Why Did This Happen And Could It Have Been Prevented?

According to a source within the Ministry of Justice, vulnerabilities in the LAA’s systems were known for years but not addressed under the previous government. Critics have described the breach as the result of “long-term neglect”, pointing to repeated calls for investment and reform from legal bodies such as the Law Society.

In the words of Law Society president Richard Atkinson, “Legal aid firms are small businesses operating on the margins of viability… these financial security concerns are the last thing they need.” He added that the system’s fragility had already hindered reforms and warned that any further delays would now be “untenable”.

Real-World Risks for Individuals and Firms

For the thousands of people affected, this isn’t just an IT failure – it’s a personal risk. Many legal aid applicants are already in vulnerable situations. For example, some are dealing with domestic abuse cases, immigration hearings, or criminal charges, while others have been wrongly accused, or are applying for legal help in family disputes.

Now, it seems those same individuals are facing the anxiety of not knowing where their personal data has ended up, or how it could be used. Cybersecurity experts warn that data like this is often used in targeted scams, phishing campaigns, or identity fraud, with long-term implications.

Also at risk are the legal aid providers themselves. These are often small law firms already under financial pressure, now left scrambling for alternative ways to process claims and payments while the LAA rebuilds its systems.

What Should You Do If You’re Affected?

The Legal Aid Agency has urged anyone who applied for legal aid between 2010 and 2025 to take immediate steps to safeguard themselves. This includes:

– Being alert for suspicious phone calls, texts, or emails from unknown senders.

– Updating passwords, especially for any accounts that may have reused information.

– Verifying the identity of anyone requesting personal or financial details before responding.

The National Cyber Security Centre has also published updated guidance for individuals and businesses affected by data breaches, with a particular focus on spotting phishing scams and securing mobile devices.

What Does This Mean For Your Business?

This breach is yet another reminder that outdated digital systems are no longer just an inconvenience – they are a real liability. For UK businesses, particularly those in legal services, social care, government contracting, or any industry that handles sensitive personal data, this incident is a wake-up call.

This is also a reminder that cyber risk is no longer confined to banks and tech giants. It seems that public sector agencies, legal support organisations, and even small private firms are all now in the firing line, mainly because cybercriminals are increasingly targeting entities with sensitive data but outdated or underfunded digital defences, seeing them as easier to exploit than large, well-protected corporations.

If an organisation’s systems haven’t been independently tested, audited, or updated in the last 12–18 months, now is the time to act.

The Legal Aid Agency may recover, but its credibility has been badly shaken, and for the people whose data was exposed, the damage may be permanent. What this breach shows is that in the digital age, trust isn’t just earned through good service. It’s also earned (or lost) through cybersecurity.

A government-commissioned red teaming exercise has found that One Login, the UK’s flagship digital identity platform, can be compromised without triggering any alerts.

The test, carried out by the National Cyber Security Centre’s Cross-Government Red Team, revealed serious gaps in the system’s ability to detect and respond to intrusions. One Login is intended to provide a single, secure sign-in for services like tax, pensions and benefits.

Over 2 million users are already enrolled, but the findings raise concerns about whether the platform is safe for wider rollout. A Cabinet Office spokesperson said the exercise was “routine best practice” and confirmed improvements are being made, but offered no technical details.

Experts say silent compromise of a national identity system could expose millions to fraud, data theft or service disruption, especially if undetected for long periods.

Although this was a simulated attack and no real data was exposed, the key concern is that One Login failed to detect the breach, showing a weakness in spotting intrusions. For businesses, the lesson is that detection matters as much as prevention. Regular testing and active monitoring are vital to catch threats before they cause damage.

A new sustainable building material that’s stronger than steel and made from ordinary timber is about to go into mass production, and it could change the face of construction forever.

From The Lab to the Launch of ‘Superwood’

In 2018, materials scientist Liangbing Hu and his team at the University of Maryland developed a method to convert ordinary wood into a material significantly stronger and lighter than steel. The innovation, initially viewed as a promising (but laboratory-bound) breakthrough, involved finding a new way to densify wood to enhance its strength and durability through a chemical and compression process. It seems that only now, after seven years, 140 patents, and millions in investment later, Superwood is actually heading to market.

InventWood

The startup behind the commercial rollout, InventWood, is gearing up to begin production this summer 2025 (summer 2025 is as accurate a launch date as InventWood has given) at its first dedicated facility. Backed by $15 million in Series A funding from climate-focused investors including the Grantham Foundation and Builders Vision, the company believes Superwood could soon replace a substantial chunk of the steel used in buildings, and significantly reduce the environmental cost of construction in the process.

How is Superwood Made?

Superwood is essentially regular wood that has undergone a chemical and physical treatment to alter its structure at the molecular level, thereby significantly increasing its strength and durability.

The process starts with regular timber, which is mostly composed of the two key compounds of cellulose and lignin. Cellulose is the strong, fibrous material that gives plant cells their rigidity, while lignin acts as a kind of natural glue. Ironically, it’s the removal of lignin that unlocks the strength hidden inside the wood.

The process to strengthen the wood and turn it into ‘Superwood’ includes:

– Boiling and bonding. The wood is first boiled in a solution of sodium hydroxide and sodium sulfite – a process not unlike that used in paper production. This removes most of the lignin and hemicellulose, while keeping the cellulose intact.

– Compression and heating. Next, the softened wood is compressed and gently heated, causing the cell walls to collapse. This triggers hydrogen bonding between adjacent cellulose fibres, vastly increasing the wood’s strength.

– Stabilisation. For external use, some samples are impregnated with polymers, improving resistance to moisture and environmental wear.

The Result

The result of this transformative process is to create material with up to 20 times the strength of natural wood, and a strength-to-weight ratio up to 10 times greater than steel! Also, according to InventWood, it’s also highly fire-resistant (Class A fire rating), pest- and rot-resistant and, unlike most tropical hardwoods, naturally beautiful, thanks to a deep, rich colour created during the compression process. As InventWood’s CEO Alex Lau says: “It looks like walnut or ipe, but we haven’t stained any of it,” and that “These are the natural colours. It’s just wood, re-engineered.”

Steel-Level Performance Without the Carbon

The potential sustainability benefits of Superwood are huge. For example, globally, the production of steel accounts for about 7–9 per cent of direct emissions from fossil fuels, according to the International Energy Agency (IEA). Also, concrete and steel together make up around 90 per cent of the carbon footprint of new buildings. This means that being able to replace even a fraction of that with a renewable, carbon-sequestering material like Superwood could be a game-changer.

On a like-for-like performance basis, Superwood generates 90 per cent lower emissions than steel and, because it locks carbon into the material itself, every Superwood beam or panel becomes a kind of mini carbon store.

The material can also be made from underutilised or waste wood, adding another layer of circularity and environmental value.

What Can It Be Used For?

At launch, InventWood is targeting facade and cladding applications for commercial and high-end residential buildings. These “skin” uses are designed to be ideal early-stage deployments, giving architects and developers a chance to work with the material in lower-stress contexts while the production process is scaled up.

However, it seems that the real ambition lies deeper in the building. For example, as Lau says, “Eventually we want to get to the bones of the building”, including structural beams, columns, and even I-beams being made entirely from Superwood. The strength, light weight, and stability of Superwood means it could be used not just in walls and roofing, but in entire load-bearing structures.

Beyond construction, other possible applications could include:

– Furniture. Stronger, lighter, and more durable wooden furniture with high aesthetic value.

– Vehicles. Potential use in interior vehicle panels or lightweight frames.

– Protective Gear. Early tests showed Superwood could stop bullet-like projectiles, leading to speculation it might be used in low-cost body armour or impact-resistant products.

– Consumer Goods. From tools to sports equipment, the applications could span industries.

Mouldable Into Different Shapes

One other big practical and aesthetic advantage is that, because it’s mouldable during the early stages of production, the wood can be shaped and formed into complex designs before hardening, thereby opening up design possibilities beyond what’s possible with standard timber.

Scaling Up

With its first production plant due to go live this summer, InventWood is keen to prove it can scale efficiently. The initial batches will be smaller and aimed at showcasing Superwood’s performance and aesthetics in real-world projects.

Over time, the plan appears to be to mass-produce structural timber products using waste or fast-growing softwoods, such as pine or poplar, woods that are cheap and abundant but typically too weak for major construction use.

By applying the Superwood process, these everyday species could be upgraded to high-performance materials without the costs or carbon associated with tropical hardwoods or engineered metal.

Investor Interest

Not surprisingly, the company has already attracted interest from major investors and partners in the climate tech space, and says the long-term goal is to replace up to 80 per cent of the structural steel currently used in building and infrastructure projects.

Hype or Hope?

Despite the excitement, it should be noted that Superwood isn’t without its critics, or its hurdles. For one, the technology is still in its commercial infancy. While lab tests and prototypes are impressive, the construction industry is notoriously conservative when it comes to adopting new materials, especially for structural use. Engineers, insurers and regulators will need to be convinced of its long-term performance under varied conditions, including moisture, temperature change, and mechanical stress.

There’s also the question of cost and scalability. While Lau says the process has been reduced from “more than a week to a few hours,” manufacturing densified wood still requires energy, chemical treatments, and controlled conditions. Whether the environmental benefits are maintained at large scale will depend on the sourcing of those inputs and the overall lifecycle of the material.

Some environmental groups have also raised concerns about supply chain transparency. If demand for Superwood grows rapidly, there will be pressure to ensure that input timber is sustainably and ethically harvested, particularly if production expands beyond waste wood and fast-growing species.

Benefits Outweigh Challenges

However, supporters of the technology argue that the potential benefits outweigh the challenges. For example, investors involved in the funding round have highlighted the urgent need for new, low-carbon materials in response to the climate crisis, and view Superwood as a promising solution that combines high strength, aesthetic appeal, and significantly lower emissions. Some believe it could represent one of the most important material innovations of the decade.

What Does This Mean For Your Organisation?

If Superwood’s apparent potential to dramatically reduce carbon emissions while delivering on performance could make it an attractive alternative to steel and tropical hardwoods, especially at a time when the construction industry is under growing pressure to decarbonise.

For UK businesses, particularly those involved in architecture, building design, and sustainable development, this could open up exciting new opportunities. Superwood’s combination of strength, lightweight handling, and natural beauty offers practical advantages that go beyond green credentials. If adopted at scale, it could help developers meet net-zero targets, reduce material costs, and differentiate projects in a highly competitive market. Manufacturers and timber suppliers may also find new demand for underused or waste wood, potentially driving regional supply chains and creating jobs linked to circular production.

Also, with early use cases already being explored in areas like furniture, transport, and protective materials, Superwood’s commercial reach could extend well beyond construction. For example, as the product matures and real-world performance data emerges, its use may spread into consumer goods, automotive interiors, and even defence applications.

That said, its long-term impact will hinge on more than just innovation. It will depend on how quickly the production process can be scaled, how effectively it’s regulated, and whether sustainability claims can be backed by transparent, verifiable supply chains. For clients, designers, and contractors alike, due diligence will be essential.

Still, in a sector where true breakthroughs are rare and often slow to emerge, Superwood offers something genuinely different, i.e. a material that aligns strength, sustainability, and versatility in a way that could reshape how (and what) we build in the years ahead.

ChatGPT has had a major upgrade when it comes to its memory functionality. This video tells you everything you need to know to use this new memory upgrade to the fullest.

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Worried your login details might be floating around the dark web? There are paid solutions available which your IT expert can offer but if you’re a pinch, Microsoft Edge can alert you if any passwords you’ve saved in the browser have appeared in a known data breach, and it only takes a moment to switch on.

How to:

– Open Microsoft Edge.
– Click the three-dot menu in the top-right corner and select Settings.
– Go to Profiles > Passwords.
– Scroll down and toggle on ‘Show alerts’ when passwords are found in an online leak.
– If prompted, sign in with your Microsoft account to enable monitoring.

Pro-Tip: You can also click Scan now to run an instant check on your saved credentials. If Edge flags anything, update the password immediately — ideally using a strong, unique replacement.

OpenAI CEO Sam Altman’s identity startup ‘World’ has begun its rollout in the United States, introducing 20,000 biometric devices known as Orbs that scan users’ irises to confirm they are human.

From Worldcoin to World

World began life in 2019 as Worldcoin, a startup co-founded by Sam Altman and Alex Blania through their company Tools for Humanity. Its original mission was to create a global digital identity system and one that could reliably distinguish real people from bots, fake accounts, or AI-generated personas online.

The concept gained early momentum and by 2023, World had begun international trials and attracted more than 26 million sign-ups across Europe, South America, and the Asia-Pacific region. Around 12 million of those have been fully verified through iris scanning. The platform has since rebranded as World, signalling a broader ambition beyond cryptocurrency to build infrastructure for a future internet rooted in proof of personhood.

What Is the Orb and What Does It Actually Do?

At the core of World’s technology is the Orb, a polished metallic device about the size of a bowling ball. When a person stands in front of it, the Orb scans their face and iris, producing a one-of-a-kind identifier. This identifier, or IrisCode, is then tied to a World ID, which is a kind of digital passport that can be used to log into platforms, verify identity, and prove personhood online.

Images Stored Locally For Privacy

World says the Orb never stores images of the eyes or face. Instead, biometric data is processed locally to create an encrypted code, which is considered a privacy-first approach because it limits the exposure of sensitive information and reduces the risk of mass data breaches. This code can then be used repeatedly without re-scanning and without giving third parties access to the original biometric material.

Which Platforms Can It Be Used With?

World IDs are already compatible with popular platforms such as Minecraft, Reddit, Discord, Shopify, and Telegram, thanks to an open API that allows developers to integrate identity verification into their services. This means users can log in, prove they are human, and access features without relying on traditional sign-in methods. Looking ahead, the system could also be used across a much wider range of applications, e.g. from online voting and content moderation to digital finance and secure access to AI tools. Users can also access the World App, a decentralised digital wallet that supports peer-to-peer payments, savings, and cryptocurrency transactions.

Why Launch Now and Why in the U.S.?

It seems that the timing of World’s U.S. launch is no accident. As Altman’s team explained during the company’s “At Last” event in San Francisco, there is growing urgency around digital trust and online authenticity. For example, the rise of generative AI, deepfakes, and synthetic media has made it increasingly difficult to know who (or what) is behind a digital profile.

Tools for Humanity believes this is a critical moment for establishing global standards of identity verification, particularly in areas like online finance, dating, and governance. With President Trump signalling support for a pro-crypto policy environment and plans for a national “crypto strategic reserve,” the U.S. now appears more welcoming to digital identity innovation than in recent years.

Rollout In Six Cities

Six flagship cities have been chosen for the U.S. rollout of World: Austin, Atlanta, Los Angeles, Miami, Nashville, and San Francisco. Physical retail locations have been set up in each of these cities, with Orb devices also appearing in Razer gaming stores, allowing people to get scanned and onboarded in person.

Big-Name Partners and Real-World Use Cases

The launch is also backed by two major partnerships. Visa says it will introduce a new World-branded debit card later this year and that the card will only be available to users who have verified their identity through an Orb scan. Also, Match Group, the owner of Tinder, is beginning a pilot programme in Japan using World IDs for age verification and fraud protection.

These collaborations highlight the system’s potential across sectors. In online dating for example, World could help eliminate romance scams and catfishing by ensuring users are real and accurately aged. In payments and finance, it offers a new route to identity-backed, bot-resistant transactions without relying on government ID systems.

World also claims the technology can improve the fairness of AI systems. For example, by restricting access to services or votes to verified humans, platforms could reduce manipulation by automated accounts, vote stuffing, or fraud in decentralised applications.

Challenges and Criticisms

The most significant concern surrounding World is the creation of a permanent digital ID based on something that cannot be changed. i.e. the human iris. Even if the data is encrypted and stored in a decentralised format, the system still links a person’s physical identity to a global profile that may one day be used across multiple platforms and jurisdictions.

This has led privacy experts to argue that there are long-term risks from this kind of system. For example, once a biometric identifier like an iris is linked to a digital identity system, it cannot simply be revoked or replaced in the way a password can, and there is no way to reset an iris if trust in the system breaks down.

Suspended

It should be noted here that several governments have already taken action against World over concerns about how biometric data is collected, processed, and safeguarded. For example, Kenya suspended the project in 2023 following a criminal investigation into alleged data misuse and a lack of transparency. Hong Kong authorities declared the biometric scans excessive and unnecessary, ordering World to cease operations. Spain and Argentina also raised concerns, with the latter issuing fines over violations of local data laws and inadequate user consent.

Changes Made

In response, World has since made changes to its technical model. According to the company, no actual images of users’ irises are stored. Instead, the Orb generates a mathematical code called an IrisCode, which is encrypted and divided among several independent institutions. These include blockchain platforms and financial partners. The aim is to ensure that no single party has access to the full dataset. As Adrian Ludwig, chief information security officer at Tools for Humanity, explains: “We don’t have a single place that holds all the sensitive data,” and that “You’d have to compromise multiple companies and institutions simultaneously to reconstruct it.”

Despite this reassurance, it seems that many critics remain sceptical and questions continue to surface around informed consent, the possibility of misuse, and the long-term consequences of tying biometric identity to digital infrastructure. Even if the current implementation is secure, some argue it sets a precedent that could be difficult to control in future.

The project has become a focal point in ongoing debates about how society should approach identity in the age of artificial intelligence. While some view it as a timely and practical response to the growing challenge of online impersonation, others see it as the early foundation of a surveillance system that, once widely adopted, may be difficult to disentangle from daily digital life.

The Implications

The U.S. launch of World marks another notable move by Sam Altman into a space where AI, privacy, and human identity increasingly collide. While OpenAI is pushing the boundaries of what machines can do, World is designed to be focused on preserving what makes humans unique, and offering tools that could help establish trust in increasingly automated environments.

For rival tech firms and startups exploring digital identity, decentralised networks, or Web3 platforms, World’s growing user base and financial backing present a challenge. With over $140 million in funding and early traction across multiple continents, it now already appears to be a major player in the race to define how digital identity should work in the post-password, post-avatar age.

Businesses across sectors are already paying attention. For example, World’s API integrations suggest clear use cases in ecommerce, fintech, gaming, and social media. By tying access to verified personhood rather than traditional credentials, it offers a new way to protect against bots, fake accounts, and synthetic fraud.

As for individuals, some may broadly see World ID as a valuable key that could provide much needed safer and smoother digital experiences. Others, however, may (understandably) be cautious about linking their irises to any system, however privacy-focused or decentralised it claims to be.

With plans to scale to a billion users, World is positioning itself as a foundational layer for future internet infrastructure. Whether users, regulators and businesses are ready to follow remains an open question.

What Does This Mean For Your Business?

With World, Sam Altman is essentially trying to redefine how digital identity works in an internet shaped by AI. The rollout is happening now, and it seems that the implications are already starting to take shape.

What sets World apart is its aim to make verified personhood a core feature of online infrastructure. If adopted at scale, it could change how people prove they are human when accessing websites, making payments, or interacting online. For businesses, this appears to offer a clear opportunity to reduce fraud, limit fake accounts, and create more secure digital environments, particularly in ecommerce, fintech, gaming, and media.

UK businesses are likely to follow this closely. With mounting concerns over AI-generated content, phishing attacks, and online impersonation, there is growing demand for robust yet user-friendly identity systems. A tool like World, therefore, if proven secure and accepted by regulators, could give companies a new way to protect platforms and build trust with users.

Whereas for governments, this system raises fundamental questions about privacy, oversight, and biometric data rights, for individuals, it could offer convenience and security, yet also introduces new risks around surveillance and long-term data use.

World is aiming to reach a billion users, and whether it succeeds will depend not just upon the technology, but also on how much control people feel they’re giving up, and whether the benefits are enough to justify it.