DAWSON CREEK -- B.C. libraries have been targeted by a hacker who demanded a ransom or they would release user data that includes the phone numbers and email addresses of some clients.
The Dawson Creek Public Library says its library was among those involved and data was obtained about users who received automated notifications from the library between March 27 and April 19.
The library says only email addresses were leaked but not the contents of the notifications.
“Itis our understanding that the most likely risk from this information leak is it being used to generate spam or phishing messages. In addition, it may increase the likelihood of spear phishing messages – messages pretending to be from a person or system you are known to communicate with,” said the Dawson Creek Library in a statement on social media.
The librarysays it was informed of the breach last week by the BC Libraries Cooperative that provides integrated library systems for multiple institutions, and several library networks had been affected.
The co-operative says in a statement dated Monday that on April 19 it was contacted by a hacker “attempting to extort payment” for data they had taken from its servers, and threatening to release that information publicly if the co-operative didn't pay.
The hack is the latest in a series of cybersecurity incidents, including a breach that has shut down London Drugs stores since Sunday, and attacks on other libraries including the Toronto Public Library last October.
“Please know that the Dawson Creek Public Library will NEVER ask you for your password nor any other sensitive information like social insurance or banking information, nor ask for funds from you,” said the library.
The BC Libraries Cooperative says “minimal data” from its email server was obtained.
“Regardless of any limitations on data breached, we regret this breach happening at all,” the co-operative statement says.
With files from The Canadian Press.
