The British Library, one of the largest libraries in the world and the national library of the United Kingdom, has officially announced that it fell victim to a ransomware attack, resulting in the theft of internal data. The attack, which occurred in late October, caused a major technology outage across the library’s sites in London and Yorkshire. As a result, the library’s website, phone lines, and on-site services such as visitor Wi-Fi and electronic payments were affected.
Key Takeaway
The British Library has confirmed that it suffered a ransomware attack, leading to the theft of internal data. The ongoing disruption is the result of a cyberattack by a known criminal group. While it remains unclear how much data was stolen, the stolen data is believed to include employment documents and passport scans. The library is actively working to restore its services and is investigating the incident with the support of cybersecurity experts and law enforcement agencies.
Ransomware Attack by Known Criminal Group
The British Library stated that the ongoing disruption is a direct result of a ransomware attack carried out by a group notorious for such criminal activities. The library also confirmed that some of its internal data has been leaked online, specifically from its internal HR files. This confirmation came after the library was listed on the dark web leak site associated with the Rhysida ransomware gang, which claimed responsibility for the attack and demanded a ransom of more than $740,000 worth of Bitcoin.
Potential Loss of Sensitive Data
While the specific details and extent of the stolen data remain undisclosed, samples shared by the Rhysida ransomware gang suggest that it includes employment documents and passport scans. The British Library has not yet provided information about the scale of the data breach or whether it has received any ransom demands or communication from the hackers. The library has recommended that users change their passwords as a precautionary measure, particularly if they use the same passwords across multiple services.
Investigation and Recovery
The British Library is currently working closely with the National Cyber Security Centre, the Metropolitan Police, and cybersecurity experts to investigate the attack. However, the library has not revealed any information about how it was compromised. The restoration of services may take weeks, or even longer, as the library undertakes targeted protective measures and continues its investigation.