Last month, the British Library Computer Network fell victim to a ransomware attack, purportedly carried out by the Rhysida Ransomware, a newly identified malware variant. The perpetrators are now demanding a ransom of 20 bitcoins to decrypt the compromised database and return the stolen data.
Despite the ransom demand, the British Library staff has opted not to comply and has enlisted the assistance of law enforcement and forensic experts to navigate the situation. The decision is rooted in the cautionary advice provided by the US-CERT, in collaboration with the FBI, which highlights the uncertainty surrounding the hackers’ commitment to returning the data even if the ransom is paid. Additionally, there is a significant risk that the stolen information might be released on the dark web in the future.
While the London research library has not issued an official statement on the matter, a credible source from the National Library of the United Kingdom suggests that the HR database may have been compromised. This could potentially expose details related to salaries, pay raises, and certain staff information.
The cyber attack occurred on October 28, 2023, and the assailants have given the library management a 7-day grace period to meet their ransom demands, following a 15-day window since the initial breach. Failure to comply within this timeframe may result in serious consequences for the library staff.
It’s worth noting that a recent incident involving the ransomware group ALPHV, also known as BlackCat, saw the group filing a complaint with the SEC against Meridian Link. The complaint alleges that Meridian Link failed to promptly inform its customers about a cyber attack within a prescribed 4-day timeframe.