At the end of October 2023, the UK’s national treasure, the British Library, faced a significant disruption to its services due to an IT outage. However, it soon emerged that the venerable institution had fallen victim to a ransomware cyber attack orchestrated by the Rhysida gang. This malicious act resulted in the theft and subsequent leaking of the library’s data by cyber criminals.
Since then, the British Library has been diligently working to restore its disrupted services, although progress has been slow due to ongoing forensic investigations. In light of these events, it’s crucial to understand the timeline and implications of this cyber attack.
Rhysida claimed their responsability
The Rhysida gang, responsible for the ransomware attack, leaked internal human resources documents, including employee passports and contracts, on the dark web. They also initiated an auction of stolen data, demanding 20 bitcoins (approximately £600,000) for the entire dataset.
By the end of November, it was confirmed that user data, including nearly 90% of the stolen files, had been leaked by Rhysida. Notably, this indicates the British Library’s steadfast stance against negotiating or cooperating with the attackers’ demands—an approach aligned with recommended best practices for handling ransomware attacks.
How they got data
The leaked data, totaling 573GB, encompasses almost 500,000 files, many sourced from the library’s customer relationship management (CRM) database. These files contain sensitive personal information, including names, email addresses, and, in some instances, postal addresses and telephone numbers. Fortunately, no financial data appears to have been compromised.
Means to avoid such attacks
In response to this breach, organizations must bolster their cybersecurity measures to prevent similar incidents. Implementing robust network security solutions, such as RELIANOID’s network appliance, alongside strict adherence to cybersecurity best practices, can significantly mitigate the risk of ransomware attacks and protect valuable data assets. Let’s learn from the British Library’s experience and prioritize proactive cybersecurity measures to safeguard against future threats.
Related Blogs
