British Library, Part III: Cyberattack Fallout

In late October 2023, the British Library was brought to a standstill by a devastating ransomware attack that crippled its digital infrastructure and exposed sensitive personal data. More than a year later, the institution continues to rebuild, highlighting the high costs—financial, operational, and ethical—of cyberattacks on public-facing cultural organizations.

In late October 2023, a ransomware attack shut down major systems at the British Library. During the COVID-19 pandemic lockdowns, the library had expanded remote online access to ensure continued public service. However, as a UK charity that relies largely on donations—unlike the U.S. Library of Congress, which is a government entity—the British Library faced significant financial constraints. Although staff were aware of security vulnerabilities in the system, the high cost of upgrades meant those fixes were considered a low priority.

The hacker group Rhysida, which claimed responsibility for the attack, exploited a loophole in the remote sign-in system to gain access. Once inside, the group copied and illegally removed roughly 600 gigabytes of data, including personal information belonging to staff and library users. Rhysida demanded a ransom—estimated at around £600,000 in Bitcoin—in exchange for restoring services and data. The library refused to pay, citing legal and ethical concerns. In response, the hackers published stolen staff and user data on the dark web.

Following the breach, the British Library was required to notify those affected and provide guidance and support to individuals whose personal information had been compromised.

The financial impact has been severe. Repairing and replacing the damaged systems is estimated to cost between £6 million and £7 million—approximately 40% of the library’s financial reserves. After a prolonged disruption, parts of the main catalogue returned online in read-only form, and by mid-December 2025 much of the catalogue had been restored. Even so, full functionality has not yet returned.

Before the attack, the library offered many digital books for free download and provided online access to digitized manuscripts. Of the nearly two million items in the Archives and Manuscripts collection, about 527,746 have been digitized and are available for online viewing. Materials that have not been digitized must still be accessed in person. The cyberattack disabled download links for free digital books, and that service has not yet been fully restored.

As of this writing, access remains limited and slow. Researchers are unable to request materials, check availability, or manage accounts, and interlibrary loan services continue to be disrupted. Some reading rooms cannot offer full digital services, while Wi-Fi, digital terminals, and research tools operate with reduced functionality.

The repair and replacement of damaged infrastructure—along with the transition to a more secure system—remain a careful and ongoing process. Given the scale and complexity of the work, the British Library has not announced an expected completion date.