The British Library ransomware attack was likely caused by the compromise of third-party credentials, coupled with the lack of multifactor authentication (MFA) to stop the attackers, despite previous warnings about these risks.
This is according to a British Library report that sheds new light on the October 2023 attack, which shut down digital services and breached the personal data of Library users and staff.
The attack was claimed by the Rhysida ransomware group, which put exfiltrated data up for sale on the dark web after the British Library refused to pay the ransom demand.