The British Library has reported that it has evidence that its user data was obtained and sold on the dark web after a cyber attack. Users who use the same password in more than one location have been cautioned to change it. The cyber attack, which happened on 31 October, is still affecting the library’s website, systems, and some on-site services. The Rhysida ransomware group is believed to have been behind the assault and suggested they would auction the stolen data. Last week, the cyber group stated that the price for data that includes passport scans was 20 Bitcoin (£596,459).
On Monday evening, the British Library, the UK’s biggest, posted on X, “Following last week’s confirmation that this was a ransomware attack, we now have evidence that indicates the attackers might have copied some user data, and additional data appears to have been published on the dark web.” The library has enlisted cybersecurity experts to assess what material has been taken and will contact users to alert them to the necessary preventative steps. In the unlikely event of having a password for British Library services that is used on other websites, it has been recommended that the password be changed as a precaution.
When the attack was first discovered, the library confirmed that some employee data had still been revealed. At the time, there was no proof that users’ data had been hacked. The Rhysida ransomware group, who have also attacked the Chilean army, the Portuguese city of Gondomar, and the University of West of Scotland, was behind the attack and said that the auction for “exclusive, unique, and impressive data” would end just before 08:00 GMT on 27 November, being sold to just one single-party winner.
The cyber criminals shared a picture to their leak site on the dark web, demonstrating various documents, including HMRC employment contracts and passports, although the data has yet to be verified
Read the full article from The BBC here: Read More