The Rhysida ransomware group has claimed responsibility for a cyberattack on the British Library, resulting in a major IT outage. The group is auctioning off a substantial trove of stolen data, which it plans to sell for 20 BTC to a single buyer. The attack occurred on October 28, causing disruptions to on-site services, including public Wi-Fi. The library has confirmed that the leaked data is from its internal HR files. The National Cyber Security Centre is assisting in the investigation, and the library has notified law enforcement agencies. The incident aligns with a joint advisory from the FBI and CISA warning of Rhysida ransomware attacks across various sectors. The Rhysida group, active since May 2023, operates as a ransomware-as-a-service, impacting targets of opportunity in education, healthcare, manufacturing, IT, and other sectors. The attackers leverage external-facing remote services and living off-the-land techniques, exploiting vulnerabilities like Zerologon in phishing attempts. The British Library plans to partially restore services in the coming weeks, but some disruption may persist.