Clickability tracking pixel

Bay Area Library System Suffers Ransomware Attack

The Contra Costa County Library System was hit by ransomware Friday, officials have confirmed. The resulting network outages affected services at all 26 library branches. An investigation is underway.

by George Kelly, East Bay Times / January 7, 2020
Shutterstock

(TNS) — The Contra Costa County Library System was working to assess the extent of possible exposure after reports of an apparent hack and ransomware attack, authorities said Friday.

A Facebook post late Friday morning initially said the library system “is experiencing a network outage and services at all 26 branches are impacted. Library materials can be checked out if you bring your library card to the branch.”

Visitors to the system’s Web site were greeted with a message: “Our network is currently down and patrons are unable to login at this time. We are investigating the issue and will establish service as soon as possible.”

Officials with the library system were working to determine what kinds of data had been compromised by the attack.

“Obviously we want to protect all of our residents, and having an illegal break-in to the county’s library system is a serious and criminal matter,” Contra Costa County Supervisor John Gioia said Friday evening.

“We want to assure the public we’re taking every step to protect them. We don’t know the full extent of the data breach at this time.”

In a statement Friday, library officials said affected servers had been taken offline, some library services had been restored, and libraries would be open as regularly scheduled.

“We apologize for the inconvenience this outage is causing our patrons and ask for patience as we work to get all services back online,” Contra Costa County Librarian Melinda Cervantes said. “We are working closely with law enforcement, including IT experts to gather information and prevent future attacks.”

In its statement, the library said it collects names, addresses, phone numbers, e-mail addresses and birth dates, but does not collect Social Security Administration numbers or store credit-card payment information. It also said it stopped collecting driver’s license information last year and removed all of it from customer records.

“The Library has no evidence that any personal patron data has been compromised,” the statement read in part. “The server that stores patron data related to library card accounts and transactions was not affected, still it’s always wise to monitor your personal information on a regular basis.”

The library had recently completed a revamp of its Web site and catalog described as long overdue. In 2018, the system’s 419 staff members handled 3,198,459 visits and 5,921,276 checkouts at its 26 libraries.

It also handled 1,566,210 virtual visits and 425,897 virtual checkouts. The library said its Discover & Go and Overdrive platforms were working.

Library patrons with questions about affected services may call library administrative staff at 925-608-7700 during business hours.

©2020 the Contra Costa Times (Walnut Creek, Calif.) Distributed by Tribune Content Agency, LLC.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

E.REPUBLIC Platforms & Programs