November 20, 2023 at 07:12AM
The Rhysida ransomware group claims responsibility for the October cyberattack on the British Library, leaking stolen data including passport scans and HMRC employment documents. They have initiated an auction for the data with a starting bid of 20 Bitcoin ($745,000). The British Library confirmed the ransomware attack in November and is still experiencing disruption. Rhysida is known for targeting various sectors and utilizing old vulnerabilities and phishing techniques. The group is believed to operate on a ransomware-as-a-service model.
Summary:
The Rhysida ransomware group has claimed responsibility for the cyberattack on the British Library in October. They have leaked a snippet of stolen data, including passport scans and HMRC employment document formats. Rhysida has started an auction for the stolen data, with a starting bid of 20 Bitcoin. The British Library confirmed the cyberattack and ransomware nature in November. The attack caused significant disruption to services, with the library’s website remaining down. The library has been providing regular updates on the situation. The full extent of the data theft is still unknown. Rhysida’s claim of responsibility suggests that negotiations with the victim may have broken down. The US’ Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory on the Rhysida ransomware strain, which primarily targets organizations in education, healthcare, manufacturing, information technology, and government sectors. Some security researchers have linked Rhysida’s activities to the Vice Society group. Rhysida operates on a double extortion model and uses living off the land techniques.