Courts service covered up IT bug that caused evidence to go missing
- BBC News
The body running courts in England and Wales has been accused of a cover-up, after a leaked report found it took several years to react to an IT bug that caused evidence to go missing, be overwritten or appear lost.
Sources within HM Courts & Tribunals Service (HMCTS) say that as a result, judges in civil, family and tribunal courts will have made rulings on cases when evidence was incomplete.
The internal report, leaked to the BBC, said HMCTS did not know the full extent of the data corruption, including whether or how it had impacted cases, as it had not undertaken a comprehensive investigation.
It also found judges and lawyers had not been informed, as HMCTS management decided it would be "more likely to cause more harm than good".
HMCTS says its internal investigation found no evidence that "any case outcomes were affected as a result of these technical issues".
However, the former head of the High Courts family division, Sir James Munby, told the BBC the situation was "shocking" and "a scandal".
The bug was found in case-management software used by HMCTS, the Ministry of Justice (MoJ) agency which administers many courts in England and Wales, and tribunals across the UK.
The software - known variously as Judicial Case Manager, MyHMCTS or CCD - is used to manage evidence and track cases before the courts. It is used by judges, lawyers, case workers and members of the public.
Documents seen by the BBC show it caused data to be obscured from view, meaning medical records, contact details and other evidence were sometimes not visible as part of case files used in court.
The Social Security and Child Support (SSCS) Tribunal - which handles benefit appeals - is thought to have been most affected.
Sources have told the BBC that bugs have also impacted case management software used by other courts - including those dealing with family, divorce, employment, civil money claims and probate.
"These hearings often decide the fate of peoples lives," Sir James Munby told the BBC. "An error could mean the difference between a child being removed from an unsafe environment or a vulnerable person missing out on benefits."
The BBC has spoken to several separate sources within HMCTS who liken the situation to the Horizon Post Office scandal, where executives tried to suppress evidence of the systems flaws.
One says there was "general horror" at the design of the software, introduced by HMCTS in 2018, which they claim was "not designed properly or robustly" and had a long history of data loss.
Another says there was a general reluctance from senior management to "acknowledge or face the reality" of the situation, despite repeated warnings from the agencys IT staff.
"There is a culture of cover-ups," one told the BBC. "Theyre not worried about risk to the public, theyre worried about people finding out about the risk to the public. Its terrifying to witness."
When asked, the MoJ told us several organisations had been involved in the design and development of the software but did not supply a list.
The BBC has seen documents from the MoJ (obtained through Freedom of Information requests), including emails where the severity of the SSCS issue was discussed.
A briefing prepared for the chief executive of HMCTS - dated March 2024 - reveals the risk to proceedings was initially categorised as "high" with the possibility of court outcomes being adversely affected assessed as "very likely", resulting in "severe reputational impact to HMCTS".
However, an initial manual investigation by a team within HMCTS reviewed only a subset of the most recent three months worth of cases heard by the SSCS Tribunal, even though the bug was thought to have been in the system for several years.
Out of 609 cases identified as having potential issues, only 109 (17%) were selected for further investigation. Among those, just one was said to have had "potentially significant impact".
The briefing suggested standard court procedure would mean that staff would spot any anomalies and manually correct them.
Subsequently, it was decided the risk to all cases was low and "no further checks" were needed.
Sources within HMCTS argue that a snapshot of three months worth of data was "totally insufficient", given the nature of the problem.
Their concerns are shared by a leading IT security expert, Prof Alan Woodward of the University of Surrey, who has worked for the UK government and consults on issues including forensic computing.
"[HMCTS] conducted their investigation on a limited set of cases", he says. "To say that they found no impact of these faults doesnt make sense to me."
Documents show an employee of HMCTS was so concerned, they raised a formal whistleblower complaint, which prompted a further internal investigation.
This was led by a senior IT professional from the Prison Service and resulted in a detailed report, distributed internally in November 2024.
This is the report that has been leaked to the BBC.
It was set up to "establish the facts" on data loss and data corruption issues affecting the Social Security and Child Support Tribunal.
Investigators interviewed 15 witnesses, including software engineers and developers, and reviewed internal documents, such as incident logs and diary entries.
It found "large scale" data breaches that should have been addressed "as soon as they were known". However, the report said that HMCTS had taken several years to react despite multiple warnings from senior technical staff, from 2019 onwards.
Investigators concluded that because HMCTS had not undertaken a comprehensive investigation, the full extent of data corruption was still unknown, including if case outcomes had been affected.
The report added that data loss incidents continue to be raised against the IT system used by the civil, family and tribunal courts.
The concerns raised in the leaked report echo those raised by those speaking to the BBC.
Sources inside HMCTS express concerns that missing evidence may have gone undetected.
"This is quite a frightening possibility," one told the BBC, "That information gets lost, no-one notices, and there is a miscarriage of justice. I think that has to be the biggest worry."
In the family courts, a different IT flaw caused thousands of documents to go missing, sources say.
In one instance, it is claimed a fault caused more than 4,000 documents to go missing from hundreds of public family law cases - including child protection cases.
The BBC understands this bug was discovered in 2023 and may have been present for some years. We have been told it has since been resolved but that no investigation was carried out to establish potential impact on case outcomes.
We asked the MoJ if any emergency child protection cases had been affected.
It did not respond to this question.
In a statement, an HMCTS spokesperson told the BBC that "parties and judges involved in these cases always had access to the documents they needed". It vowed to "press ahead" with digitisation, because it was "vital" to bring courts and tribunals into the modern era.
Do you have information about this story that you want to share?
Get in touch with Alys by email at alys.harte@bbc.co.uk or on the signal Signal messaging app, an end-to-end encrypted message service designed to protect your data, with the username alyshartebbc.22.
You can also use SecureDrop, a highly anonymous and secure way of contacting the BBC which uses the TOR network.
SecureDrop: http://kt2bqe753wj6dgarak2ryj4d6a5tccrivbvod5ab3uxhug5fi624vsqd.onion/
Please note that the SecureDrop link will only work in a Tor browser. For information on keeping secure and anonymous, heres some advice on how to use SecureDrop.
