Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Library. Show all posts
Personal Data Breach
Cyberattacks Data Breach Data breaches attacks Data Leak data security INC Ransom gang Inc ransomware Library Personal Data Breach

Pierce County Library System Data Breach Exposes Information of Over 340,000 People

 

A cyber attack on the Pierce County Library System in the state of Washington has led to the compromise of personal data of over 340,000 people, which is indicative of the rising threat of cybersecurity breaches being posed to public services. This attack has impacted library services in the entire county, along with library users and staff. The incident was made known to the public through breach notification letters published on the website of the Pierce County Library System. 

The incident, as revealed in the notification letters, occurred when the library system detected the incident on April 21 and decided to shut all library systems in an effort to control the breach. The library system conducted an investigation that confirmed the breach had taken place. 

The library network was also able to identify that the exfiltration of data from individuals who utilized or were part of the institution was successful on May 12. It was established that the hackers had access to the network from April 15 to April 21. Access to sensitive information was gained and exfiltrated during this time. The level of information that was vulnerable varied depending on who was targeted. 

The data that was breached for the benefit of the library patrons included names and dates of birth. Though very limited compared to the data for employees, this data is still significant for use in identity-related fraud. The breach had severe implications for current and former employees who worked within the library system. The data that was stolen for them included Social Security numbers, financial accounts, driver’s license numbers, credit card numbers, passports, health insurance, and certain data related to medical matters. 

This particular ransomware assault would later be attributed to the INC ransomware gang, which has been responsible for a number of highly detrimental attacks on government bodies over 2025. The gang has previously conducted attacks on bodies such as the Office of the Attorney General of Pennsylvania and a countrywide emergency alert service used by local authority bodies. This type of situation is not the first that has occurred on the level of Pierce County. 

In the year 2023, Pierce County was the victim of a ransomware attack on the public transit service that the community utilized heavily because the service was used by 18,000 riders on a daily basis. Public library networks have become a common target for ransomware attacks in recent years. This is because cybercriminals also perceive public libraries as high-stakes targets since community members depend on them for internet access to their catalogs and other digital services, creating a challenge where an organization may feel pressured into paying a ransom demand to resume operations. Such attacks also include national and city library networks in North America. 

The current threat environment has led to calls for developing targeted programs within the government in the United States that would evaluate risks for libraries' cybersecurity environments. This involves enhancing data sharing related to cyber attacks and providing libraries with more support and advanced services from firewalls that target libraries specifically. 

The increasing digitization efforts by libraries as government institutions further solidify that a breach such as that which Pierce County experienced is a reminder that a continued investment in cybersecurity measures is a necessity.
Read more »
Ransomware attack
Cyber Attacks data security Hacking Attack Internet Services Library Phishing emails Public Networks Ransomware attack

Delaware Libraries Hit by Ransomware Attack, Internet Services Disrupted

 

Last week, Delaware’s public libraries faced a cyberattack, causing widespread disruption to computer and internet access. Signs posted at libraries informed visitors that Wi-Fi and PCs were out of service, with officials confirming a ransomware attack took down all internet services. Despite the inconvenience, visitors can still check out books and use other library services. Ransomware attacks like this often start with phishing emails or social engineering, where users are tricked into actions that allow hackers access. 

Matt Barnett, CEO of cybersecurity firm Sevn-X, explained that attackers typically cast a wide net with phishing emails, waiting for a target to take the bait. He speculated that the hackers responsible for this attack are likely from Russia or Eastern Europe, suggesting they targeted Delaware not out of malice but simply because it was an easy opportunity. Hackers look for low-hanging fruit, making any vulnerable entity a potential target. Ransomware attacks usually demand payment in exchange for returning access to the compromised systems. 

In this instance, Delaware state officials have not confirmed if any personal information was stolen. However, the situation serves as a stark reminder of the importance of cybersecurity, even for community services like public libraries. Cybersecurity experts stress the need for vigilance and proactive measures to protect against such threats. Organizations should implement strong email security protocols, train employees to recognize phishing attempts, and regularly update software to patch vulnerabilities. Regular data backups are also essential, ensuring that in the event of an attack, systems can be restored without paying a ransom. 

While this attack has disrupted library services, it is also a learning opportunity. Public institutions, often seen as “soft targets,” must prioritize cybersecurity to protect their networks, systems, and the personal data of their users. By investing in robust cybersecurity measures, conducting employee training, and implementing multi-factor authentication, public services can better defend themselves against future attacks. 

This incident serves as a reminder that cyber threats are ever-present, and even seemingly small targets like public libraries are not immune. As ransomware attacks continue to rise, organizations of all sizes must take active steps to fortify their defenses and educate themselves about potential risks.
Read more »
Toronto
City of Hamilton Computers cyber attack Library Ransomware Toronto

Hamilton Library Struggles to Restore Services After Cyberattack

 




Hamilton Public Library's services have been severely disrupted for three months following a ransomware attack on the City of Hamilton's computer systems. Public computers remain offline at all 23 library branches, and there's no clear timeline for when these services will be restored.


The cyberattack occurred on February 25, forcing the library to shut down various services to prevent further damage. Chief librarian and CEO Paul Takala explained that this was a necessary precaution to ensure the safety of the library's systems. Although some services, like free WiFi, have been restored, the process of building a more secure network to safely reintroduce public computer access is still ongoing.


The uncertainty surrounding the timeline for full restoration is a major concern. "Speculating isn't helpful," said Takala. "We hope it will be soon, but we must be careful and can't make any commitments."


The prolonged outage has had a significant impact on library patrons like Deepthi Jayatunge, who relies on the library's computers for various tasks. Jayatunge, who is studying for a certificate at McMaster University, typically prints lecture materials and uses the library's reliable internet to connect with family in Sri Lanka. The absence of these services has created difficulties, especially for those who do not have alternative access.


Jayatunge, who also works at a Salvation Army emergency shelter, has observed the struggles faced by homeless individuals who depend on the library's computers to search for housing and employment. "Their lives are on hold," he noted.


Prior to the attack, the public heavily relied on library computers, averaging over 750 hours of use per day across all branches in early 2024. This heavy reliance underlines the critical role these services play in the community.


Currently, the library is unable to offer several key services, including public computers, printing, scanning, online holds, self-check kiosks, virtual programming, some Makerspace services, extended access at rural branches, and technical help with devices. However, patrons can still check out books in person, browse the library's website, and access e-books and audiobooks. WiFi remains available at all branches except Ancaster.


The Hamilton library's approach mirrors that of the Toronto Public Library, which experienced a similar cyberattack last year. Toronto faced over four months of disrupted services and chose to rebuild its system rather than pay the ransom demanded by the attackers. Hamilton is taking a similar path, gradually restoring services while enhancing the security of its systems.


Hamilton Mayor Andrea Horwath confirmed that the city did not pay the ransom demanded by the hackers, although she did not disclose the amount. Efforts to restore and rebuild the city's systems are ongoing, but officials have not provided a specific timeline for when normal operations will resume.


As the library works to rebuild, it aims to create a more resilient system that can continue to serve the community during future emergencies, such as power outages or severe weather events. "The library is not only a shelter for people, but also a place where they can contact family to say, 'I'm OK,'" said Takala.


The ongoing disruption of library services surfaces the immense need for secure and resilient public infrastructure to support community needs, especially for those who rely heavily on these services, for studying and otherwise. 



Read more »
Subscribe to: Comments (Atom)