Courts service 'covered up' IT bug that caused evidence to go missing

Since a leaked report found that IT took several years to react to an IT virus that caused evidence to go missing, be overwrITten, or appear missing, the body handling courts in England and Wales has been accused of a cover-up. Judges in civil, family, and tribunal courts will have rendered decisions on cases where evidence was incomplete, according to HM Courts & Tribunals Service (HMCTS). According to the internal report, HMCTS did not know the full extent of the data manipulation, including whether or how it had affected cases, because it did not conduct a thorough investigation. Judges and lawyers were also unaware, and HMCTS' leadership determined that it would be more likely to cause more harm than good in the case. According to HMCTS, there was no evidence that any case outcomes were affected as a result of these technological issues. However, Sir James Munby, the former head of the High Court's family division, told the BBC that the situation was shocking and "a scandal.

The bug was discovered in case-management software used by HMCTS, the Ministry of Justice (MoJ) department that manages numerous courts in England and Wales, as well as tribunals throughout the UK. The application, also known as Judicial Case Manager, MyHMCTS, or CCD, is used to gather evidence and track cases before the courts. Judges, attorneys, case workers, and members of the public use it. Documents seen by the BBC show that it caused data to be obscured from view, implying that medical records, contact details, and other facts were sometimes not available as part of case files used in court. The Social Security and Child Support (SSCS) Tribunal, which handles benefit cases, is thought to have been the most affected. Bugs have also affected case management applications used by other courts, including those dealing with family, divorce, education, civil rights, and probate, according to BBC reports. Sir James Munby told the BBC, These hearings often determine people's lives.An error could mean the difference between a child being rescued from an unsafe environment and a vulnerable individual missing out on benefits.

'Culture of cover-ups'

The BBC has interviewed several sources within HMCTS who likened the situation to the Horizon Post Office scandal, where executives attempted to conceal evidence of the system's defects. One says there was general fear over the software's configuration, which they claim was not developed properly or robustly and had a long history of data loss. DespITe repeated warnings from the department's IT workers, one claims that senior management was reluctance to acknowledge or face the facts of the sITuation. According to one of the BBC, There is a tradition of cover-ups.They are not worried about the danger to the public, but they are concerned about people finding out about the risk to the community. It's terrifying to witness. "When we asked, the MoJ told us that many companies had been involved in the design and production of the app, but that no one had a list.

'Totally insufficient'

The BBC has obtained MoJ documents (obtained through Freedom of Information requests), as well as emails in which the SSCS issue was addressed. According to a briefing prepared by HMCTS chief executive Paul Ryan, the danger to proceedings was initially classified as high, with the possibility of court outcomes being adversely affected being very likely, resulting in

severe reputational harm to HMCT. Nevertheless, HMCTS' initial manual probe only looked at a subset of the most recent three months' worth of claims heard by the SSCS Tribunal, even though the virus was believed to have been present in the system for many years. Out of 609 cases that had potential problems, only 109 (17%) were selected for further investigation. Among those, just one of which was said to have had

potentially significant effect. According to the briefing, the proposed standard court procedure would guarantee that employees will detect any anomalies and manually correct them. It was then decided that the threat to all patients was low and that no further checks were required. HMCTS representatives claim that a snapshot of three months' worth of data was completely ineffective considering the nature of the issue. Prof Alan Woodward, a leading IT securITy specialist who has worked for the UK government and consults on topics including forensic computing, shared their worries. According to him,

HMCTS] undertook their probe into a limited number of cases.

To say that they had no effect on these tragedies doesn't make sense to me.

Leaked report

According to documents, an HMCTS employee was so worried that they filed a formal whistleblower complaint, which prompted a new internal probe. This was led by a senior IT professional from the Prison Service and resulted in a long paper that was released internally in November 2024. This is the report that has leaked to the BBC. It was designed to establish the truth on data theft and data manipulation issues impacting the Social Security and Child Support Tribunal. Investigators interviewed 15 witnesses, including software engineers and developers, and reviewed internal documents, such as incident logs and diary entries. It discovered large data leaks that should have been addressed as soon as they were discovered in the news. Despite several warnings from senior technical staff, from 2019 to, the HMCTS had taken several years to react, according to the study. Investigators found that the full extent of data manipulation was still unknown, even though case outcomes had been changed because HMCTS had not launched an extensive probe. According to the study, data breach cases against the IT system used by the civil, family, and tribunal courts are still occurring. Many of the questions raised in the leaked report were similar to those raised by those speaking to the BBC. According to HMCTS representatives, missing evidence may have gone unnoticed. One of them told the BBC, This is a worrying possibility and that data gets lost, no one knows, one says, and there is 'a miscarriage of justice. I think this has to be the biggest worry.

'Missing documents'

According to reports, a particular IT defect caused thousands of documents to go missing in the family courts. In one instance, it is alleged that a fault led more than 4,000 documents to go missing from hundreds of public family law cases, including child protection cases. The BBC reports that this bug was discovered in 2023 and has been present for some years. We've been told that it has since been fixed, but that no probe was launched to determine the possibility of case results. We asked the MoJ if any emergency child protection cases had been affected. It did not respond to this question.

Parts and judges in these cases had always had access to the information they needed,

an HMCTS representative told the BBC in a tweet. Because it was important to bring courts and tribunals into the modern era, it promised to press forward with digitisation. Is there information about this story that you want to share? Get in touch with Alys by email at [contact redacted] or on the signal Signal messaging app, which is an end-to-end encrypted messenger service meant to shield your personal information. 22. SecureDrop is also a fast and secure way to contact the BBC that uses the TOR network. SecureDrop: http://kt2bqe753wj6dgarak2ryj4d6a5tccrivbvod5ab3uxhug5fi624vsqd. Onion/Please note that the SecureDrop link will only function in a Tor browser. Here's advice on how to use SecureDrop for information on how you can be safe and anonymous. Get all the headlines you need to start the day with our flagship newsletter. Sign up here.