Some B.C. libraries have been targeted by a hacker who demanded a ransom or they would release user data that includes phone numbers and email addresses.
Neither the Greater Victoria Public Library nor the Vancouver Island Regional Library has been affected.
“We are aware of this cybersecurity incident,” the GVPL said in a statement. “We are closely monitoring the situation and remain vigilant in safeguarding the privacy and security of our users’ data. Should there be any further developments or concerns, we will communicate promptly with our library users.”
The Cariboo Regional District said its library was among those involved and data was obtained about users, who received automated notifications from the library between March 27 and April 19.
The district said it was informed of the breach last week by the B.C. Libraries Co-operative, which provides integrated library systems for multiple institutions — and several library networks had been affected.
The co-operative said in an April 19 statement that it was contacted by a hacker “attempting to extort payment” for data they had taken from its servers, and also threatening to release that information publicly if the co-operative didn’t pay.
The hack is the latest in a series of cybersecurity incidents, including a breach that has shut down London Drugs stores since Sunday, and attacks on other libraries, including the Toronto Public Library last October.
The co-operative said “minimal data” from its email server was obtained.
“Regardless of any limitations on data breached, we regret this breach happening at all,” the co-operative said.
The Cariboo Regional District said the co-operative could not provide a list of the affected emails, so it had reached out indirectly to library users through a notice on its website.
It said the Office of the Information and Privacy Commissioner will also be notified of the breach.
— With a file from the Times Colonist