A hacker demanded ransom money after obtaining data from a server used by libraries throughout British Columbia, but a system manager who responded to the incident says the leak was limited and the issue was fixed immediately.
Scott Leslie is the privacy and security officer for the B.C. Libraries Cooperative and says they received an email from the hacker on April 19 claiming to have taken “sensitive” information and threatening to release it if the co-op didn’t pay.
He says the co-op investigated and found some users’ email addresses and phone numbers had been taken, but the hacker didn’t have as much data as they claimed.
Leslie says the co-op didn’t respond and didn’t send any ransom money, though it received several additional emails from the hacker.
The Cariboo Regional District issued a statement on Friday saying its library was among those affected by the data breach, which involves users who received automated notifications from the library system between March 27 and April 19.
Leslie would not say approximately how many email addresses and phone numbers were compromised.
The actual contents of any emails were not part of the breach, he adds.
The B.C. Libraries Cooperative provides a system used by libraries throughout the province, but Leslie says he doesn’t believe the data hack was specifically targeted.
“This was a case of someone scanning for a known vulnerability, found one and then proceeded to exploit it,” he said in an interview on Friday. “In fact, looking at the evidence that the attacker sent of a public page where they were posting other such attacks, it was clear they were indiscriminate in who they were attacking.”
Leslie says the co-op is reviewing its policies and taking steps to ensure such a cybersecurity incident won’t happen again.
The statement from the co-op issued Monday said the breach affected a new server containing “minimal data.”
“Our best estimation is that the main potential use of the stolen data could be to assist with future spear-phishing attacks,” it says.
The hack is the latest in a series of cybersecurity incidents, including a breach that has shut down London Drugs stores since Sunday, and attacks on other libraries, including the Toronto Public Library last October.
“Regardless of any limitations on data breached, we regret this breach happening at all,” says the statement from the co-operative.
The Cariboo Regional District says the co-op could not provide a list of affected email addresses, so it had posted a notice on its website.
It said the Office of the Information and Privacy Commissioner would also be notified of the breach.
Gerald Pinchbeck, communications manager for the district, said they want library users to understand that they may be targeted by further phishing attacks.