The Toronto Public Library (TPL) has been gradually recovering from a ransomware attack that disrupted its online and in-person services for months. The library says it has taken measures to enhance its cybersecurity and protect its customers’ and employees’ data.
What happened in the cyberattack?
The ransomware attack occurred on Oct. 28, 2023, when hackers breached a vulnerability in an internet-facing server and encrypted data from a file server. The attackers also stole a large number of files, including some that contained personal information of current and former employees, such as names, social insurance numbers, and copies of government-issued identification.
The attack affected the library’s website, online user accounts, digital collections, printing and computer services, and map passes. Users were unable to access the catalogue, place holds, renew items, or use the computers at the branches. The library’s telephone lines and wi-fi remained operational, and the branches stayed open as scheduled.
How did the library respond to the attack?
The library says it promptly initiated measures to mitigate the potential impacts of the attack and engaged with third-party cybersecurity experts and law enforcement to help resolve the situation. The library also notified the affected employees and offered them credit monitoring and identity theft protection services.
The library says it has been rebuilding its network and implementing a number of cybersecurity enhancements, such as upgrading its firewall, installing antivirus software, and conducting regular backups. The library also says it has learned and developed from the advice of the technical experts and will continue to review and improve its security practices.
The library says it has no evidence that any customer, donor, or volunteer data has been compromised, but it is still investigating the full extent of the data breach. The library says it will be transparent and notify those affected as appropriate in light of any findings.
What is the current status of the library’s services?
The library says it has restored most of its services as of Feb. 29, 2024, after more than four months of disruption. The library’s website, online user accounts, digital collections, printing and computer services, and map passes are now fully functional. Users can access the catalogue, place holds, renew items, and use the computers at the branches.
The library says it is grateful for the patience and support of its customers and staff during this challenging time. The library says it is committed to providing high-quality and accessible services to the public and to protecting the privacy and security of its data.
