Toronto Public Library’s services have been impacted following a cyber attack.
The library’s 100 branches are open and material can be loaned. The free Wi-Fi service at the branches continues. So are services such as Kanopy, which offers online movies; the digital archive, which allows viewers to see manuscripts and digitized books; the TPL Kids site, library programs recorded on YouTube and Crowdcast; and podcasts.
However, publicly-available computers and printing services at the branches are unavailable. Also unavailable are users’ online accounts and the library’s digital collections.
Not only is the TPL system the largest public library in Canada, according to Wikipedia it’s the largest lending library in the world.
“As of now,” the library said in a statement on its home page, “there is no evidence that the personal information of our staff or customers has been compromised.”
The incident was detected on Saturday. “TPL has proactively prepared for cybersecurity issues and promptly initiated measures to mitigate potential impacts,” the statement says. “We have engaged with third-party cybersecurity experts to help us in resolving this situation. We do anticipate though that it may take several days before all systems are fully restored to normal operations.”
Asked for comment late Sunday, a library spokesperson wouldn’t go further than the website information.
Public libraries aren’t immune from cyber attacks. One of the most recent happened earlier this year when an Ohio county’s library was hit by ransomware. Also this year, a Washington State county was hit, with the attackers getting personal information of 735 subscribers. Boston Public Library was hit in 2021.
In 2020, the nonprofit public library of Northhampton, Pa. was hit by ransomware. In an interview after that attack, the IT manager said a true investigation into exact causes would have cost tens of thousands of dollars and was not covered by their insurance. As a result of prior planning and good IT practices, the IT manager said, minimal data was lost. Backups had saved most of their files. “It is important for libraries to take preemptive measures,” the manager was quoted as saying, “because once you get hit with a ransomware attack it’s too late.”
While unlikely to be targets, public libraries are usually divisions of municipal governments, which some attackers go after hoping public pressure or embarrassment will force them to capitulate to extortion.