Calgary Public Library (CPL) says that while servers were compromised in an Oct. 11 cyberattack, no business, employee, or membership data was affected.
CEO Sarah Meilleur said Tuesday the Library’s technology team and cybersecurity partners worked with a Microsoft Incident Response team to support containment procedures and complete a thorough investigation into the breach that forced the library to close its branches early.
Calgary’s public libraries reopened on Wednesday, Oct. 16, but with limited services. The libraries still haven’t been able to go back to business as usual, and disruptions to service continue.
CPL says an attempted ransomware attack was likely to blame for the breach. The cybersecurity team suspects the attempted attack was blocked by its monitoring systems.
Meilleur says at no time was CPL in contact with the people responsible for the attack.
“The safety of systems and data remains the highest priority as we move forward in our recovery,” she said. “We are deeply grateful for the continued support, understanding and dedication of our employees, partners, volunteers, and members as we work diligently to ensure the safe return of all services. I also want to applaud our incredible team for their swift response during this time. It is important to know that a cyberbreach is very difficult to prevent. It is the response that makes the difference, and our team acted purposefully to ensure the breach was halted as effectively as possible.”
As part of containment procedures, all servers and systems were shut down and library services requiring technology are still not available to customers.
Unavailable services include book returns, technology and digital services including the Digital Library and eResources, online room booking and program registration, and programs and events that require technology — including all virtual programming.
Due dates for all borrowed materials have been extended until further notice.
The Library has made a three-stage plan to secure infrastructure before expanding access to public services.
The first stage involves restoring secure staff networks and devices, allowing for communication and connectivity across all 23 Library worksites. Stage two will see the reintroduction of some digital and technology services in CPL locations and the last stage will see the restoration of full technology services.
Calgarians are encouraged to stay up-to-date on the latest Library news at calgarylibrary.ca/your-library/comeback/