Hackers Attack Toronto Public Library

The Toronto Public Library has issued a cybersecurity notice to inform bibliophiles that its services are down due to a run-in with hackers over the weekend.

TPL, Canada’s largest public library, operates 100 branch libraries across the country. It has more than 12 million items in its collection and serves 1.2 million members.

In a post on X Saturday, TPL began informing bookworms that some online services would be acting up due to what the library described at the time as “technical difficulties.”

The issue turned out to be an attack on its IT network, which systematically downed many of its online services, including the official tpl.ca website.

“We are actively addressing a cybersecurity incident that came to our attention on Saturday, October 28,” TPL followed up on a “maintenance” website built specifically to issue a statement about the incident.

Services left crippled include tpl.ca, your account, tpl:map passes, digital collections, public computers, and printing.

Branches are open as scheduled to accommodate walk-in reading buffs, and WiFi and phone lines are working at all branches, the memo states.

Readers can borrow and return materials as usual, “until further notice,” TPL says.

Perhaps more importantly, the advisory mentions that, “As of now, there is no evidence that the personal information of our staff or customers has been compromised.”

“TPL has proactively prepared for cybersecurity issues and promptly initiated measures to mitigate potential impacts,” the notice continues. “We have engaged with third-party cybersecurity experts to help us in resolving this situation.”

“We appreciate your patience and understanding while we do everything we can to resolve this matter as quickly as possible,” it adds.

The library expects the situation to continue for several days “before all systems are fully restored to normal operations.”

TPL pledges to issue timely updates as it progresses on the matter.

A data incident is certainly not out of the question if the attack was carried out by extortionists (i.e. ransomware operators). That’s the case more often than not, these days.