Rhysida ransomware gang claims British Library cyberattack

The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. Rhysida is auctioning off the data it reportedly stole from the United Kingdom's national library systems. The ransomware group also leaked a low-resolution screenshot of what looks like ID scans stolen from the library's compromised system. On Wednesday, the FBI and CISA warned of Rhysida's opportunistic attacks targeting organizations across a broad range of industry sectors. "Threat actors leveraging Rhysida ransomware are known to impact 'targets of opportunity,' including victims in the education, healthcare, manufacturing, information technology, and government sectors," the two agencies said. "Observed as a ransomware-as-a-service model, Rhysida actors have compromised organizations in education, manufacturing, information technology, and government sectors and any ransom paid is split between the group and affiliates." A leak of HR documents stolen from the British Library was also confirmed today by the library's press office, which warned users to reset their passwords as a precautionary measure. The UK's national library has yet to find evidence that the attackers have gained access to other information during the incident. "We have now confirmed that this was a ransomware attack, by a group known for such criminal activity. We are aware that some data has been leaked, which appears to be from files relating to our internal HR information," it said. "We have no evidence that wider user data has been compromised. However, we are recommending as a precautionary measure that if users have a password for British Library services that they also use elsewhere, they should change it." The British Library first confirmed that a ransomware attack was behind this major outage last week. The attackers encrypted the library's systems on Saturday, October 28, and the resulting IT outage continues to impact the British Library's online systems, services, and certain onsite facilities, such as Wi-Fi, with the website still offline almost three weeks after the attack. The library estimates that it will restore many of its services within the next few weeks, but some disruptions might persist for an extended period. The library's website sees an annual influx of over 11 million visitors, while its collections are accessed daily by more than 16,000 individuals onsite and online. The British Library collection spans over 150 million items stored across 625 kilometers of shelves. Approximately 3 million new items are added to its archives yearly as the library receives copies of every publication released in the UK and Ireland. British Library: Ongoing outage caused by ransomware attack. FBI and CISA warn of opportunistic Rhysida ransomware attacks. Yamaha Motor confirms ransomware attack on Philippines subsidiary. Toyota confirms breach after Medusa ransomware threatens to leak data.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Rhysida ransomware gang claims British Library cyberattack

Rhysida ransomware gang claims British Library cyberattack - The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. Rhysida is auctioning off the data it reportedly stole from the United Kingdom's national library ...
10 months ago Bleepingcomputer.com
Ransomware takes British Library goes offline - When the British Library was infected with ransomware, few could have predicted how damaging the attack would be. A month later, the Library's IT systems are still offline - and now hackers are threatening to sell stolen personal data too. On 31st ...
9 months ago Pandasecurity.com
FBI and CISA warn of opportunistic Rhysida ransomware attacks - The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. Rhysida, a ransomware enterprise that surfaced in May 2023, quickly gained notoriety after breaching the ...
10 months ago Bleepingcomputer.com
Slovenia's largest power provider HSE hit by ransomware attack - Slovenian power company Holding Slovenske Elektrarne has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production. HSE is Slovenia's largest power ...
10 months ago Bleepingcomputer.com
British Library: Ongoing outage caused by ransomware attack - The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. Over 11 million visitors use the library's website annually, with more than 16,000 people using its collections ...
10 months ago Bleepingcomputer.com
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
9 months ago Go.theregister.com
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
9 months ago Packetstormsecurity.com
New Rhysida Ransomware Attacking Government and IT Industries - Hackers use ransomware to encrypt victims' files and demand payment for the decryption key. This malicious tactic allows them to extort money from the following entities by exploiting vulnerabilities in their digital systems:-. In May 2023, this new ...
9 months ago Gbhackers.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
Toronto Public Library outages caused by Black Basta ransomware attack - The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across ...
10 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
9 months ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
8 months ago Securityboulevard.com
Ontario public library shuts down most services due to cyberattack - A popular library in Ontario, Canada was forced to shut down most of its services this week due to a cyberattack - the latest library to face issues after hackers infiltrated its systems. The London Public Library, which services the Canadian city's ...
9 months ago Therecord.media
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
British Library hack: Customer data offered for sale on dark web - The British Library says it has evidence that user data was hacked in a cyber attack and offered for sale on the dark web. The library warned users who use the same password elsewhere to change it. The attack, which took place on 31 October, is ...
10 months ago Bbc.com
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
9 months ago Bleepingcomputer.com
Ransomware Groups Gain Clout With False Attack Claims - The cybersecurity community is getting duped by fake breach claims from ransomware groups, experts say - and ransomware misinformation is a threat they predict will only grow in the coming months. The cybersecurity community should know that ...
8 months ago Darkreading.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
9 months ago Helpnetsecurity.com
Toronto Public Library 'remains a crime scene' after ransomware attack - The Toronto Public Library is still in the process of recovering from a ransomware attack that limited its offerings and required wholesale changes to how the organization runs. Toronto City Librarian Vickery Bowles published a lengthy note on ...
9 months ago Therecord.media
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
9 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
10 months ago Bleepingcomputer.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
8 months ago Bleepingcomputer.com
Ransomware gang takes credit for Christmas attack on global Lutheran organization - Details about a Christmas-season ransomware attack on a global Christian organization became clearer this week as a cybercrime gang took credit for what appears to be a related theft of data. The World Council of Churches, an inter-church ...
9 months ago Therecord.media
Ransomware review: December 2023 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In November there were 457 total ransomware victims, making it the most active month for ransomware gangs in 2023 so far besides May. The top ...
9 months ago Malwarebytes.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)