Update: Toronto Public Library Confirms Data Stolen in Ransomware Attack
The Toronto Public Library (TPL) has confirmed a data breach resulting from a ransomware attack in October. The attack targeted a file server and resulted in the theft of personal information belonging to employees, customers, volunteers, and donors, dating back to 1998. The stolen data includes names, social insurance numbers, dates of birth, home addresses, and copies of government-issued identification documents. While the library has not disclosed the exact customer data that was stolen or the number of affected customers, it has stated that cardholder and donor databases were not affected. TPL has not paid a ransom and is working with external cybersecurity experts to investigate the incident. The breach has been reported to Ontario's Information and Privacy Commissioner and the Toronto Police. The Black Basta ransomware gang is believed to be responsible for the attack. TPL's primary servers were not encrypted, suggesting that the attackers did not have full access to the library's networks and data. Black Basta has been linked to the FIN7 hacking group and has targeted various high-profile victims in the past.