Since the Memorial Day weekend ransomware attack occurred against Library systems, the Library has undertaken significant efforts to investigate the data impacted during that incident.
With the help of digital forensic specialists and law enforcement, we have determined which files were impacted during that attack. The nature of the personal information affected varies considerably from person to person due to the nature of the impacted files, which resided on a file drive shared by all Library staff.
Data residing in other Library systems – such as our Horizon patron database, our Bibliocommons catalog, our Better Impact volunteer database, our Ask Us customer service platform, and others – were not taken during the attack.
We have begun the process of notifying individual patrons, employees, and others if their personal information was affected. For these individuals, we have provided supportive resources, including a free, two-year membership to a credit and identity monitoring service.
We thank our patrons, staff and community for their patience throughout this investigation.
Who to contact if you have questions
If you were impacted by this data breach and you have questions about what steps to take or how to sign up for free credit monitoring, please contact our dedicated call center:
Experian Call Center
Phone: 1-833-918-4978
Hours: 6 a.m. to 6 p.m. PST, Monday through Friday (excluding major U.S. holidays)
How do I know if I was impacted?
If your data was impacted, you will receive notification from the Library via written mail if we have your home address, or via email if we do not have your home address.
How has the Library responded to this ransomware attack? Could this happen again?
While there is no 100% guarantee when it comes to cybersecurity, we are committed to further improving our digital security, and we have taken a number of steps to improve our security posture and data management practices.
We have been working with cybersecurity experts since the cybersecurity attack to deploy additional safeguards onto our systems, such as multifactor authentication and stronger password practices. We are hiring for a new permanent position focused on cybersecurity, and we are actively reviewing our systems to enhance cybersecurity and data management monitoring and controls.
In coming weeks, we expect to make available an After Action Review report, which will detail the steps the Library has taken in response to this attack.