Toronto Public Library ‘remains a crime scene’ after ransomware attack

The Toronto Public Library is still in the process of recovering from a ransomware attack that limited its offerings and required wholesale changes to how the organization runs.

Toronto City Librarian Vickery Bowles published a lengthy note on Wednesday explaining the devastating situation facing the library since the attack came to light at the end of October.

Bowles said services at the library — which runs 100 branches and has more than 5,000 staff members — are set to return gradually beginning later in January.

While they have spent weeks trying to restore services, library accounts online are still not accessible and public computers as well as printers are not available. This has been devastating for the people who rely on the city’s libraries as their primary source of internet access — particularly low income city residents and school children.

“While many library services continue to operate, the Library remains a crime scene as the investigation continues. We know that the personal information of our staff was stolen, and we continue to investigate the extent of the data breach with the support of cybersecurity experts,” Bowles said.

“We know that we are the only access to technology for many of the most vulnerable in Toronto. Their loss of access to meet their daily needs has been especially challenging and concerning. We’ve also heard from students who rely on our computers for school work, from job seekers who rely on us to print their resume, and from people who use library computers to stay connected to family and friends back home.”

Families, researchers and others have told the library that their limited access is making life “harder and more expensive,” Bowles added. In spite of the struggles, Bowles said the library has still been able to allow customers to borrow half a million physical materials and almost 10,000 people were still able to register for library cards.

The library has still been able to hold in-person events and programs as it deals with the ransomware attack.

Bowles explained that the lengthy recovery is taking months because the library needs to bring everything back in a way that allows it to prevent future attacks.

“It’s a long road ahead but we are looking forward to a full return,” Bowles said. “Although these criminals have hurt us, they certainly have not deterred us from fulfilling our mission of providing free and equitable access to library services to meet the changing needs of the people of Toronto.”

Several city library systems faced attack in 2023, including major incidents involving the British Library — one of the largest libraries in the world and the national library of the United Kingdom.

London Public Library, which services London, Canada’s 422,000 residents, was also forced to shut down due to a cyberattack.

On Wednesday evening, a ransomware gang claimed an attack on North Carolina’s Bladen County Public Library. The library did not respond to requests for comment but county leaders announced last month that their systems were affected by a cyberattack. The incident was so damaging that the North Carolina National Guard was called in to help with the recovery effort.