Rhysida ransomware gang: "We attacked the British Library"
The British Library, one of the world’s largest libraries and the national library of the United Kingdom, has acknowledged that a ransomware attack has resulted in the theft of internal data. Initially reported in late October, the cyber incident prompted a significant technology outage affecting the library’s locations in London and Yorkshire.
The attack affected the library’s website, phone lines, and on-site services, including visitor Wi-Fi and electronic payments. While the disruption persists two weeks later, the British Library has now confirmed that the incident is indeed a ransomware attack perpetrated by a group known for such activities. Regrettably, internal HR files have been identified among the leaked data, underscoring the severity of the breach.
This acknowledgment follows the British Library’s inclusion on the dark web leak site operated by the Rhysida ransomware gang. According to TechCrunch, the gang asserted responsibility for the cyberattack and issued a threat to disclose data pilfered from the British Library unless a ransom is paid. As of the latest information, the gang has demanded a payment exceeding $740,000 in bitcoin. While the specific nature and extent of the compromised data remain undisclosed by the Rhysida ransomware gang, shared samples suggest the inclusion of employment documents and passport scans among the stolen information.
On Monday, in a statement posted on X (previously known as Twitter), the British Library asserted that there is “no evidence” of customer data compromise. However, as a precautionary measure, the library recommends users change their passwords, especially if they use the same passwords across various services.
The British Library has not provided details on the method of compromise, the extent of employee data stolen, or whether any communication or ransom demand has been received from the hackers. Despite inquiries, the British Library has not responded to questions, and it remains uncertain if the organisation currently has access to email services. As of the time of publication, the library’s website continues to be offline
“In the meantime, we’ve taken targeted protective measures to ensure the integrity of our systems, and we’re continuing to investigate the attack with the support of [National Cyber Security Centre], the Metropolitan Police and cybersecurity specialists.” – The British Library.