British Museum forced to partly close following cyberattack by ex-worker

(Image credit: Shutterstock)

World-famous British Museum suffers days-long cyberattack
The attack was caused by a former IT contractor
Exhibitions were closed over the weekend, but have since reopened

A former employee of the British Museum has been arrested on suspicion of burglary and criminal damage after allegedly performing an on-site cyberattack which shut down exhibits for several days.

“An IT contractor who was dismissed last week trespassed into the museum and shut down several of our systems. Police attended and he was arrested at the scene,” a spokesperson for the British Museum said.

The former contractor’s actions caused the ticketing system for the museum to cease functioning, leading to exhibits only being open to pre-booked bookings and members.

Exhibitions closed

The Metropolitan Police said that it had been called to the museum at 8.25pm last Thursday on reports that “a man entered the British Museum and caused damage to the museum’s security and IT systems”. Police attended the scene and arrested a man in his 50s, who has since been bailed.

An email sent to members of the British Museum this morning said that the museum’s three exhibitions were now open. “The closures over the past days will have been disappointing and frustrating, and we are very sorry if your planned visit was impacted."

"We will be working to add additional opportunities to see the exhibitions out of hours in the coming weeks. Thank you for your patience and understanding as colleagues worked to resolve the issues,” the email said.

The museum also offered refunds to ticket holders.

The attack highlights the need for organizations to implement strict identity management policies to ensure that credentials and privileges are rescinded when an employee’s contract ends, preventing them from accessing IT or network infrastructure.

Museums, charities, and other cultural institutions are increasingly becoming the targets of ransomware and cyber attacks due to the customer data they handle. Organizations such as these often fail to recognize themselves as potential targets of cyberattacks, and as a result place less priority on investing in cybersecurity systems.

Via The Guardian

Here is our guide to the best ransomware protection
Take a look at our roundup of the best antivirus software
Hackers use GenAI to attack more frequently and effectively

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.