Libya’s Central Bank Contained Cyberattack, Investigates Dark Web Data Leak
Libya’s Central Bank (CBL) confirmed a cyberattack detected three weeks ago, which temporarily disrupted key banking and accounting systems. Emergency measures were immediately activated to contain the breach, and core services including customer accounts remain fully operational and unaffected.
Reports of leaked financial data surfaced online following the incident, prompting the CBL to investigate potential exposure on the dark web. The bank stated it would not engage with extortion demands and is conducting both technical and criminal probes in collaboration with international experts. While the nature of the leaked data is still under analysis, the CBL emphasized that financial assets and customer accounts remain secure.
The attack follows earlier disruptions in the country’s financial sector, though no direct link to the current breach has been confirmed. The incident underscores ongoing cybersecurity challenges in Libya’s critical infrastructure.
Source: https://libyaobserver.ly/news/cbl-investigates-alleged-data-leak-after-cyberattack
Central Bank of Libya cybersecurity rating report: https://www.rankiteo.com/company/central-bank-of-libya
"id": "CEN1782736224",
"linkid": "central-bank-of-libya",
"type": "Cyber Attack",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Banking',
'location': 'Libya',
'name': 'Libya’s Central Bank (CBL)',
'type': 'Financial Institution'}],
'customer_advisories': 'Financial assets and customer accounts remain secure',
'data_breach': {'data_exfiltration': 'Potential exposure on the dark web',
'type_of_data_compromised': 'Financial data'},
'description': 'Libya’s Central Bank (CBL) confirmed a cyberattack detected '
'three weeks ago, which temporarily disrupted key banking and '
'accounting systems. Emergency measures were immediately '
'activated to contain the breach, and core services including '
'customer accounts remain fully operational and unaffected. '
'Reports of leaked financial data surfaced online following '
'the incident, prompting the CBL to investigate potential '
'exposure on the dark web. The bank stated it would not engage '
'with extortion demands and is conducting both technical and '
'criminal probes in collaboration with international experts. '
'While the nature of the leaked data is still under analysis, '
'the CBL emphasized that financial assets and customer '
'accounts remain secure.',
'impact': {'data_compromised': 'Financial data potentially leaked',
'downtime': 'Temporary disruption',
'operational_impact': 'Core services remain operational',
'systems_affected': 'Key banking and accounting systems'},
'investigation_status': 'Ongoing (technical and criminal probes)',
'ransomware': {'ransom_paid': 'Would not engage with extortion demands'},
'references': [{'source': 'News report'}],
'response': {'containment_measures': 'Contained the breach',
'incident_response_plan_activated': 'Emergency measures '
'activated',
'third_party_assistance': 'International experts'},
'title': 'Cyberattack on Libya’s Central Bank',
'type': 'Cyberattack'}