Thu. Dec 7th, 2023
    The Rhysida Ransomware Group Exposes Stolen Data from Cyberattack on British Library

    The notorious Rhysida ransomware group has claimed responsibility for the major cyberattack on the British Library, revealing a glimpse of the stolen data. Along with a low-resolution image shared on their leak site, the group displayed a collection of passport scans and other documents, including HMRC employment formats.

    To maximize the value of their loot, Rhysida initiated an auction for the stolen data, with bids set to close just before 0800 UTC on November 27. The criminal organization emphasized that only one single-party winner would be selected as the sole recipient of the stolen data. The bidding for this exclusive and unique information starts at 20 Bitcoin, equivalent to around $745,000.

    It is crucial to note that the winner will have no guarantee of exclusivity, as Rhysida may possess unlimited backups of the stolen data. The British Library, when approached for comment, did not provide any response to the claim.

    The British Library itself confirmed a significant IT outage at the end of October due to a cybersecurity incident. The confirmation that the attack was ransomware in nature came on November 14, while Rhysida’s claim was only recently unveiled on November 20.

    The repercussions of the attack are still being felt, with the library’s operations severely affected. During the initial stages, the famous red brick site in London’s St Pancras was restricted to cash-only transactions as electronic payments were disabled. Visitor’s access to wireless internet connectivity was also cut off, and there were limitations on order collection services. Currently, the website remains inaccessible, as it has been for several weeks.

    The library has been transparent in providing regular updates through its X account and a separate website, with certain services still reporting outages and disruptions. Addressing concerns about potential data theft, the library stated on November 15 that they had yet to ascertain the full scope of the attack. They assured users that efforts were being made to understand and resolve the situation promptly, aiming to restore all services as soon as possible.

    Q: Is the British Library aware of the full extent of the attack?
    A: As of November 15, the library reported that they were still working to determine the full scope of the attack and its impact on their services.

    Q: How is Rhysida attempting to profit from the stolen data?
    A: Rhysida initiated an auction for the stolen data, with only one winner set to acquire exclusive ownership. The starting bid stands at 20 Bitcoin.

    Q: How has the attack affected the British Library’s operations?
    A: The attack has caused significant disruption, leading to a cash-only payment system, limited order collection, and no wireless internet connectivity for visitors. The library’s website has also been inaccessible for several weeks.