Hackers who obtained data from servers used in libraries across British Columbia demanded a ransom, but system administrators who responded to the incident said the breach was limited and the problem was quickly resolved.
Scott Leslie, the BC Library Cooperative's head of privacy and security, sent an email on April 19 claiming he had stolen “confidential” information from hackers and threatening to release it if the co-op didn't pay up. He said he received it.
He said the co-op's investigation revealed that some users' email addresses and phone numbers had been stolen, but the hackers did not have as much data as they claimed.
Leslie said the co-op received several additional emails from the hackers, but did not respond or send the ransom money.
The Caribou Regional District released a statement Friday saying its library was also affected by the data breach. The data breach involves users who received automatic notifications from the library system between March 27th and April 19th.
Leslie would not say how many email addresses and phone numbers were compromised.
The actual content of the email was not part of the breach, he added.
Although the BC Library Cooperative provides the systems used in libraries across the province, Leslie said he does not believe it was specifically targeted in the data hack.
“This is an example of someone scanning for a known vulnerability, finding it, and exploiting it,” he said in an interview Friday. “In fact, looking at the evidence the attackers sent from public pages posting other similar attacks, it was clear that they were indiscriminate about who they were attacking.”
Leslie said the co-op is reviewing its policies and taking steps to prevent a cybersecurity incident like this from happening again.
In a statement released Monday, the cooperative said the breach affected new servers containing “minimal data.”
“Our best estimate is that the primary potential use of the stolen data may be to assist in future spear-phishing attacks.”
The hack is the latest in a series of cybersecurity incidents, including the breach that shut down a London drugstore since Sunday and attacks on other libraries, including the Toronto Public Library last October.
“We absolutely regret that this breach occurred, regardless of whether any data restrictions were breached,” the cooperative said in a statement.
The Caribou Regional District said the cooperative was unable to provide a list of affected email addresses, so it posted a notice on its website.
It said the Information and Privacy Commission would also be notified of the breach.
Gerald Pinchbeck, the district's communications manager, said he wants library users to understand that they could be targeted by additional phishing attacks.
canadian press