[BreachExchange] Ransomware attack hits Contra Costa library system

Destry Winant destry at riskbasedsecurity.com
Mon Jan 6 10:05:47 EST 2020


https://www.eastbaytimes.com/2020/01/03/ransomware-attack-hits-contra-costa-library-system/

MARTINEZ — The Contra Costa County Library System was working to
assess the extent of possible exposure after reports of an apparent
hack and ransomware attack, authorities said Friday.

A Facebook post late Friday morning initially said the library system
“is experiencing a network outage and services at all 26 branches are
impacted. Library materials can be checked out if you bring your
library card to the branch.”

Visitors to the system’s Web site were greeted with a message: “Our
network is currently down and patrons are unable to login at this
time. We are investigating the issue and will establish service as
soon as possible.”

Officials with the library system were working to determine what kinds
of data had been compromised by the attack.

“Obviously we want to protect all of our residents, and having an
illegal break-in to the county’s library system is a serious and
criminal matter,” Contra Costa County Supervisor John Gioia said
Friday evening.

“We want to assure the public we’re taking every step to protect them.
We don’t know the full extent of the data breach at this time.”

In a statement Friday, library officials said affected servers had
been taken offline, some library services had been restored, and
libraries would be open as regularly scheduled.

“We apologize for the inconvenience this outage is causing our patrons
and ask for patience as we work to get all services back online,”
Contra Costa County Librarian Melinda Cervantes said. “We are working
closely with law enforcement, including IT experts to gather
information and prevent future attacks.”

In its statement, the library said it collects names, addresses, phone
numbers, e-mail addresses and birth dates, but does not collect Social
Security Administration numbers or store credit-card payment
information. It also said it stopped collecting driver’s license
information last year and removed all of it from customer records.

“The Library has no evidence that any personal patron data has been
compromised,” the statement read in part. “The server that stores
patron data related to library card accounts and transactions was not
affected, still it’s always wise to monitor your personal information
on a regular basis.”

The library had recently completed a revamp of its Web site and
catalog described as long overdue. In 2018, the system’s 419 staff
members handled 3,198,459 visits and 5,921,276 checkouts at its 26
libraries.

It also handled 1,566,210 virtual visits and 425,897 virtual
checkouts. The library said its Discover & Go and Overdrive platforms
were working.

