British Library cyberattack

When the British Library did not acquiesce to the attempt, Rhysida publicly released approximately 600GB of leaked material online.

[1] The main catalogue returned online on 15 January 2024 in a read-only format, although some of the library's services are expected to remain unavailable for months.

[4] The Library was protected by firewalls and antivirus software but was not using multi-factor authentication (MFA), and had installed a new Terminal Services server in February 2020 to facilitate remote access to third-party providers and internal IT administrators during the COVID-19 pandemic; this was the server on which unauthorised access was first detected during the attack.

These attacks had previously affected the Metropolitan Opera in New York City and Natural History Museum in Berlin.

After gaining access, Rhysida used three methods to identify and copy the 600GB of documents during the attack, including personal details of Library users and staff.

Entrance gate to the British Library on Euston Road , St Pancras, London , looking towards the Newton statue