I t had been ​ twenty years since my last research trip to the British Library when, in November last year, I received an email with the subject

Vadim Nikitin · Dadada: Chasing the Cybercriminals

submited by
Style Pass
2024-11-22 22:00:06

I t had been ​ twenty years since my last research trip to the British Library when, in November last year, I received an email with the subject line: ‘Important information about our recent cyber incident’.

As you may be aware, we are currently experiencing a major technology outage as a result of a cyber attack. Following confirmation that this was a ransomware attack, we’re aware that some data have been leaked. While this appears to be from our internal HR files, we recommend that if you have a British Library login with a password that you use elsewhere, you change it on other sites as a precautionary measure.

A dull enough standard warning. But a week later the British Library wrote again: ‘Important information about your data’. The cybercriminals had breached the library’s Customer Relationship Management (CRM) databases. ‘At a minimum these databases contain the name and email address of most of our users. For users of some of our services, these databases may also contain a postal address or telephone number.’

The attack, which took place on 28 October, began with the wholesale copying of records held by the library’s finance, technology and HR departments. Then the hackers ran a keyword search for any references to sensitive terms such as ‘passport’ or ‘confidential’, both on the library network and on the personal drives used by staff. Finally, parts of the CRM databases were backed up and deleted from the network. No bank or credit card details were stolen, according to the British Library’s official review. Nor was there evidence that the library’s Electoral Roll database was compromised. The hackers demanded 20 bitcoins, then worth £600,000. When the library refused, citing government policy prohibiting publicly funded institutions from paying ransoms, the stolen data was auctioned off on the dark web.

Leave a Comment