News Hub

British Library hit by Rhysida ransomware attack, employee data leaked

Written by Tue 21 Nov 2023

The British Library has confirmed a serious security breach following a cyberattack by the Rhysida ransomware group. The group, known for its cyber extortion activities, said it has obtained sensitive employee data, including passport scans.

The Rhysida group announced on the dark web an auction for this data, starting at 20 bitcoin (approximately £600,000 or $740,000).

The group said: “With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner.”

As of now, the British Library has not disclosed the specifics of the ransomware attack, the extent of the data breach, or any communications or ransom demands from the hackers. However, it did confirm ‘that some data has been leaked’ from its internal HR files.

The Library said they have no evidence that data of its users had been compromised, recommended those with a British Library account that use the same login details elsewhere to change their password as a precautionary measure.

“We anticipate restoring many services in the next few weeks, but some disruption may persist for longer,” said the Library.

The institution previously reported a “major technology outage” affecting online services, public Wi-Fi, phone network, and its website for several weeks. It confirmed in October that the National Cyber Security Centre (NCSC), Metropolitan Police, and cybersecurity specialists were investigating the incident.

On Tuesday, an NCSC spokesperson commented on the situation: “We are working with the British Library to fully understand the impact of an incident. Ransomware is the key cyberthreat facing the UK, and all organisations should take immediate steps to limit risk by following our advice on how to put in place robust defences to protect their networks.”

The Information Commissioner’s Office (ICO), the UK’s data protection watchdog, is also investigating the breach.

The Library said on X (formerly Twitter): “We know many of you have questions but, as this investigation is ongoing, we are unable to provide any more information at this time and we’ll update when we can. Thanks for your continued understanding.”

The British Library remains open, and visitors can access the reading rooms for personal study.

This incident another in series of ransomware attacks targeting major institutions and businesses worldwide, including ICBC, Marina Bay Sands, Clorox, MGM Resorts and Caesars Entertainment.

The Counter Ransomware Initiative (CRI), led by the UK and Singapore, recently signed a joint statement against ransomware, denouncing ransom payments to cybercriminals.

Hungry for more tech news?

Sign up for your weekly tech briefings!

Written by Tue 21 Nov 2023

Send us a correction Send us a news tip