British Library: Employee data leaked in cyber attack
The British Library has confirmed that a cyber attack has led to a leak of employee data
(Web Desk) - The attack, which took place on 31 October, has also resulted in the library's website being down for almost a month.
The Rhysida ransomware group claim to be behind the attack, and say they will auction off the stolen data.
The cyber gang say the price for data, that includes passport scans, has been set at 20 Bitcoin (£596,459).
The British Library, the UK's largest library, posted on X, saying: "Following confirmation last week that this was a ransomware attack, we're aware that some data has been leaked. This appears to be from our internal HR files."
However, it added that it has "no evidence that data of our users has been compromised", and it has not confirmed that the data being sold at auction belongs to British Library employees.
A National Cyber Security Centre (NCSC) spokesperson said it was working with the library to "fully understand the impact" of the incident.
It added: "Ransomware is the key cyber threat facing the UK, and all organisations should take immediate steps to limit risk by following our advice on how to put in place robust defences to protect their networks."
On Monday the Rhysida ransomware group said it was behind the attack and shared an image to its leak site on the dark web showing various documents, some of which appear to be HMRC employment contracts and passports.
The BBC has not verified whether the data is real.
The cyber criminals said an auction for "exclusive, unique and impressive data" would end just before 0800 GMT on 27 November, and would be sold to one single-party winner.
On 15 November the FBI and the US Cybersecurity & Infrastructure Security Agency issued a warning on the threat posed by Rhysida.
In a joint statement, it said: "Threat actors leveraging Rhysida ransomware are known to impact 'targets of opportunity', including victims in the education, healthcare, manufacturing, information technology, and government sectors."
The group are also behind recent attacks on the Chilean army, the Portuguese city of Gondomar and the University of West of Scotland.