Ontario public library shuts down most services due to cyberattack

A popular library in Ontario, Canada, was forced to shut down most of its services this week due to a cyberattack — the latest library to face issues after hackers infiltrated its systems.

The London Public Library, which services the Canadian city’s 422,000 residents, posted an alert on Wednesday afternoon warning that several branches would be closed indefinitely.

While in-person borrowing and library programs remain available, its phones, email, WiFi, website, catalogs, printers, computers and digital resources are no longer accessible. Customers also are unable to place holds on items.

By Thursday morning, the library had confirmed that it is experiencing a “major” systems outage caused by a cyberattack.

“Experts have been engaged and investigations are underway. We expect that it could take some time to restore our systems,” they said.

The library announced that the Carson, Glanworth and Lambeth branches will be shut down until January 2. The library has a total of 16 branches.

The library offered customers access to newspapers and some digital catalogs through other platforms but its own catalog is still out of commission.

Virtual programs through Zoom have been canceled as well. Local news outlets reported that many low-income residents in the city use the library’s WiFi as their only access to the internet.

“The library is not a nice-to-have,” City Councilmember Sam Trosow told The London Free Press. “It’s a critical piece of our infrastructure that is essential to people’s well-being.”

The attack on London Public Library comes weeks after two of the biggest libraries in the world were hit by ransomware gangs. Toronto Public Library — Canada’s largest public library system, serving more than 1.2 million members with more than 12 million items spread across 100 branches — confirmed it had been hit with ransomware in October.

In addition to operational issues, the library warned that it refused to pay a ransom, meaning the troves of data stolen about its customers would likely be leaked onto the dark web.

A week after the attack on Toronto Public Library, the British Library announced that it too was struck by ransomware actors.

One of the largest libraries in the world and the national library of the United Kingdom, it faced dozens of technological issues after the incident.

Major library supplier Baker & Taylor struggled for weeks in August 2022 to bring systems back online after a ransomware attack, and a popular German library service notified its users in May 2022 of a range of issues connected to a cyberattack targeting service provider EKZ.

The attacks on libraries across the globe has even prompted U.S. officials to propose the creation of a program specifically designed to collect data about the cybersecurity and advanced firewall services that would best help libraries defend themselves from hackers.

Emsisoft ransomware expert Brett Callow warned that while libraries may not seem like lucrative targets, they often carry the kind of cyber insurance that will pay out ransomware hackers in the event of a devastating incident.

“Whether multiple libraries being hit on the space of a few weeks of each other is coincidental is unclear. Whatever the case, it shows that organizations which may not be perceived to be the most lucrative of targets are nonetheless in the criminals’ crosshairs,” he said.

“While libraries may not have enormous cash reserves, they often do have cyber insurance which covers the cost of a ransom — and that makes them targets.”