Cyber-attack update
We're continuing to experience disruption as a result of a cyber-attack that took place in October 2023. The outage is still affecting our website, online systems and services, as well as some onsite services, however our buildings are open as usual.
The attack caused substantial damage that is complex and challenging to repair, beginning with the installation of a completely new computing infrastructure for the entire Library.
We are continuing to restore our services. Follow the latest updates in our blog.
Our teams have been working since the cyber-attack to find ways to restore access to as much of our collection as possible, but disruption to certain services is expected to persist for some time. Find out more about the impact on our research services.
We have published a paper about the attack and its impact, introduced in this blog by our Chief Executive. Its goal is to share our understanding of what happened and to help others learn from our experience.
In November the attackers released some of our data onto the dark web including some personal user information. We've contacted our users to alert them to this incident and to offer advice from the National Cyber Security Centre (NCSC) on how to protect themselves, including updating their passwords on other systems.
If you have any questions relating to your data you can email our Data Protection Officer at data.governance@bl.uk.
Because our systems were badly damaged during the cyber-attack they remain unavailable, so you can't change the password for our services. However, if you use the same password for non-British Library services, we recommend that you change it as a precaution.
The NCSC offers advice on staying secure online, including how to create a strong password, as well as specific guidance for individuals who may have been impacted by a data breach.
We're really sorry for the ongoing disruption to our systems and services and we'll provide further updates when we can. Thank you for bearing with us.
Frequently asked questions
Can you tell me what, of my personal data, has been breached?
Please send your request to customer@bl.uk. However, please note that we may not be able to identify exactly what information was compromised given the nature of the attack and we might not be able to action these requests at the moment, but will attempt to do so when we again have access to our systems.
How do I change my password when your website is down?
Because our systems remain unavailable, you won't be able to change the password you have previously used to access British Library services. However, if you use the same password, or one similar, to access other, non-British Library services, we recommend that you change it as a precaution.
If you have not already done so you should take this action immediately. The NCSC provides guidance on staying safe online, as well as specific guidance for individuals who may have been impacted by a data breach.
How long will it take for all your systems to be back up and running?
The assessment of the damage and the replacement of our systems is a significant challenge and will continue for some time. You can find out more about the impact on our research services here.
I want to visit, will I be able to access what I need?
Our buildings in London and Yorkshire are open as usual, but our services are limited. You can use our Reading Rooms and public areas for personal study but there is limited access to collection items. You can find out more about how to use our research services here.
Our exhibitions and events are all going ahead as planned, and our Treasures Gallery, shops, cafes and restaurants in London are open as usual.
My Reader Pass has expired. What do I do?
Can I see collection items if I come on site?
I'm a former member of staff and worried about my personal data - what should I do?
Please email customer@bl.uk and we'll come back to you as soon as we can.
Contact us
Please email customer@bl.uk (08.30 - 16.30 Monday to Friday).
We'll get back to you as quickly as we can but are currently experiencing a high volume of enquiries so it may take us some time to respond.