Rhysida ransomware gang claims British Library cyberattack

Trending 1 week ago

Hackers in library

The Rhysida ransomware assemblage has claimed albatross for a cyberattack on the British Library in October, which has acquired a above advancing IT outage.

Rhysida is auctioning off the abstracts it reportedly blanket from the United Kingdom's civic library systems. The assemblage is accepting bids from absorbed parties over the abutting seven days.

"With aloof 7 canicule on the clock, appropriate the befalling to bid on exclusive, unique, and absorbing data," the assemblage says.

"Open your wallets and be accessible to buy absolute data. We advertise alone to one hand, no reselling, you will be the alone owner!"

The ransomware accumulation additionally leaked a low-resolution screenshot of what looks like ID scans baseborn from the library's compromised system.

On Wednesday, the FBI and CISA warned of Rhysida's adept attacks targeting organizations above a ample ambit of industry sectors.

"Threat actors leveraging Rhysida ransomware are accepted to appulse 'targets of opportunity,' including victims in the education, healthcare, manufacturing, advice technology, and government sectors," the two agencies said.

"Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors accept compromised organizations in education, manufacturing, advice technology, and government sectors and any bribe paid is breach amid the accumulation and affiliates."

British Library access on Rhysida's aperture websiteBritish Library arrangement on Rhysida's aperture website (BleepingComputer)

Stolen HR abstracts leaked online

A aperture of HR abstracts baseborn from the British Library was additionally accepted today by the library's columnist office, which warned users to displace their passwords as a basic measure.

However, the UK's civic library has yet to acquisition affirmation that the attackers accept acquired acceptance to added advice during the incident.

"We accept now accepted that this was a ransomware attack, by a accumulation accepted for such bent activity. We are acquainted that some abstracts has been leaked, which appears to be from files apropos to our centralized HR information," it said.

"We accept no affirmation that added user abstracts has been compromised. However, we are advising as a basic admeasurement that if users accept a countersign for British Library casework that they additionally use elsewhere, they should change it."

The British Library first confirmed that a ransomware advance was abaft this above abeyance aftermost week.

The attackers encrypted the library's systems on Saturday, October 28, and the consistent IT abeyance continues to appulse the British Library's online systems, services, and assertive onsite facilities, such as Wi-Fi, with the website still offline about three weeks afterwards the attack.

The library estimates that it will restore abounding of its casework aural the abutting few weeks, but some disruptions ability abide for an continued period.

The library's website sees an anniversary arrival of over 11 actor visitors, while its collections are accessed circadian by added than 16,000 individuals onsite and online. 

The British Library accumulating spans over 150 actor items stored above 625 kilometers of shelves. Approximately 3 actor new items are added to its athenaeum annual as the library receives copies of every advertisement appear in the UK and Ireland.