A hacker targeted libraries in British Columbia, threatening to release user data unless a ransom was paid. The B.C. Libraries Co-operative, which provides library systems for various institutions in the province, revealed in a statement on Monday that they were contacted by a hacker on April 19 who attempted to extort payment using private information from their servers.
The hacker managed to access log file data from the co-operative’s new cloud hosting infrastructure and obtained “minimal data” from their email server. Fortunately, no passwords or email content (including subject lines or message contents) were stolen, according to the statement released by the co-operative.
Despite the limited nature of the data breach, the co-operative expressed regret over the incident and emphasized their commitment to cybersecurity. They suspected that the hacker intended to use the information indicating email exchanges between addresses for phishing schemes, pretending to send emails from known contacts.
Concerned about the breach, the B.C. Libraries Co-operative announced their intention to notify the Office of the Information and Privacy Commissioner about the incident. This move reflects their dedication to transparency and accountability in handling cybersecurity threats.
This hacking incident is just the latest in a series of cybersecurity breaches affecting various organizations, including the recent attack on London Drugs stores that forced them to shut down temporarily. Other libraries, such as the Toronto Public Library, have also faced cyberattacks, highlighting the ongoing challenges faced by institutions in safeguarding user data.
The Cariboo Regional District confirmed that their library was among those impacted by the breach, with data being accessed regarding users who received automated notifications between March 27 and April 19. They learned about the breach from the B.C. Libraries Co-operative, which was unable to provide a list of affected emails. As a result, the district resorted to reaching out indirectly to library users through a notice on their website to inform them about the incident.
The repercussions of this cybersecurity breach are far-reaching, underscoring the importance of robust cybersecurity measures for organizations handling sensitive user data. With hackers becoming increasingly sophisticated in their tactics, it is essential for institutions to prioritize cybersecurity to protect their users and maintain trust in their services. As the investigation into this breach continues, it is crucial for libraries and other organizations to remain vigilant and implement stringent security protocols to prevent future incidents.