British Library confirms data stolen during ransomware attack
Reading Time: 2 minutesThe British Library, the national library of the United Kingdom and one of the world’s largest libraries, has confirmed that a ransomware attack led to the theft of internal data.
In late October, the British Library first disclosed it was experiencing an unspecified cybersecurity incident that caused a ‘major technology outage’ across its sites in London and Yorkshire, which downed its website, phone lines, and on-site services, such as visitor Wi-Fi and electronic payments.
Two weeks on, and the British Library outage is still ongoing. However, the organization has now confirmed the disruption is the result of a ransomware attack launched ‘by a group known for such criminal activity.’ The British Library said that some internal data has leaked online, which ‘appears to be from our internal HR files.’
The Rhysida ransomware gang hasn’t said how much or what types of data it has stolen from the British Library, but samples of the data shared by the gang appear to include employment documents and passport scans.
Rhysida was last week the subject of a joint CISA and FBI advisory, which warned that the group leverages external-facing remote services, such as VPNs, to compromise organizations across the education, IT and government sectors. The advisory also warned that Rhysida, which was first observed in May, shares overlaps with the Vice Society ransomware gang, a hacking group known for ransomware extortion attacks on healthcare and educational organizations.
‘Notably, according to the ransomware group’s data leak site, Vice Society has not posted a victim since July 2023, which is around the time Rhysida began reporting victims on its site,’ Sophos researchers Colin Cowie and Morgan Demboski wrote in a recent analysis of Rhysida.
It’s not uncommon for ransomware gangs to disband, rebrand or create new malware variants, often as a way to evade government sanctions or avoid arrest by law enforcement.
In a statement on Monday shared on X (formerly Twitter), the British Library said it has ‘no evidence’ that the data of its customers was compromised but is recommending that users change their passwords as a ‘precautionary measure,’ particularly if customers use the same passwords across multiple services.
It’s not known if the British Library has the technical means to determine if customer data was taken.
The British Library said in its latest statement that it could take weeks, or possibly even longer, for it to recover from the ransomware attack. ‘We anticipate restoring many services in the next few weeks, but some disruption may persist for longer,’ the statement said.
‘In the meantime, we’ve taken targeted protective measures to ensure the integrity of our systems, and we’re continuing to investigate the attack with the support of [National Cyber Security Centre], the Metropolitan Police and cybersecurity specialists.’
Reference: https://techcrunch.com/2023/11/20/british-library-employee-data-stolen-ransomware-attack/
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG