Toronto Zoo says it remains open after ransomware attack

The Toronto Zoo said Monday evening that it was responding to a ransomware attack detected on January 5.

The organization said its staff immediately began an investigation into the incident once it was discovered. The zoo welcomes more than 1.2 million visitors each year and has one of the most diverse collections of animals of any facility in the world, with more than 5,000.

“We are investigating the impact, if any, to our guests, Members and donor records. We can confirm we do not currently store any credit card information. Once we have more information we will share it broadly,” zoo officials said.

“Currently, our animal wellbeing, care and support systems have not been impacted by this incident and we are continuing with normal Zoo operations including being open to guests. The Zoo website is not impacted, and ticket purchases can continue to be made online at torontozoo.com.

The Toronto Police Services have been contacted and Toronto’s Chief Information Security Office is working on the attack alongside cybersecurity experts.

Zoo officials noted that responses to inquiries will be delayed due to the attack. While they would not say what services were affected, they added that they are “grateful we took steps over the past few years to upgrade our technology infrastructure.”

No ransomware gang has taken credit for the attack, but in July, one of the U.S.’s most popular zoos, ZooTampa, was targeted by prolific cybercriminals known for attacking government institutions.

Toronto has dealt with multiple high-profile ransomware incidents over the last year. The city’s public library continues to address with the fallout from a ransomware attack that required months of recovery efforts.

Toronto’s Hospital for Sick Children, Canada's largest pediatric health center, faced its own ransomware incident almost exactly one year ago, and the city’s government was affected by a ransomware gang’s exploitation of a popular file transfer service.

A 2021 ransomware attack disrupted the activities of the Toronto public transportation agency and took down several systems used by drivers and commuters alike.