The agency's chief executive Jane Harbottle apologised, saying she understood the news "will be shocking and upsetting for people".
The MoJ said that while the initial cyber-attack was detected in April, it has since become apparent that the incident was "more extensive than originally understood".
It also warned the public to be alert for any suspicious activity, including unknown messages or phone calls, and to update any potentially exposed passwords.
"If you are in doubt about anyone you are communicating with online or over the phone you should verify their identity independently before providing any information to them," it said.
The ministry said it was working with the National Crime Agency and the National Cyber Security Centre, and has informed the Information Commissioner.
Legal aid is offered to cover the costs of legal advice, family mediation and representation in a court or tribunal for those who qualify.
This includes those who are at risk of abuse or serious harm, discrimination, forced marriage, as well as those defending themselves in criminal cases.
The Legal Aid Agency's online digital services, which are used by legal aid providers to log their work and get paid by the government, have been taken offline.
The Law Society, which represents the legal profession, said the MoJ needed to "get a grip of the situation immediately" and notify all those affected individually.
"It is extremely concerning that members of the public have had their personal data compromised," it added.
The agency is the latest victim in a series of recent cyber-attacks that have caused mass disruption.
Earlier this month, luxury department store Harrods said it had "restricted internet access at our sites" following an attempt to gain access to its systems.
An attack on Marks & Spencer in April caused it to lose out on millions of pounds of sales and left it struggling to get services back to normal.
A similar incident at the Co-op forced it to shut down parts of its IT systems and disrupted deliveries of fresh stock.