TORONTO — An October cyberattack on Canada’s largest public library system that brought down its website and likely exposed sensitive employee information will keep some services offline into 2024.
The Toronto Public Library says service will start to be restored gradually starting in January, calling it an “aggressive timeframe.”
It says priority will be given to the library’s website and network of public computers across its 100 branches.
The library has previously said the Oct. 28 cyberattack likely exposed the names, social insurance numbers, government identification and addresses of employees dating back to 1998.
The library says it did not pay a ransom to the hackers and the stolen data could end up on the dark web.
It says staff and third-party experts have been working “around the clock” to restore systems and boost its network security.
“We recognize that this is a long period of time without full library services, but this is considered an aggressive timeframe within the context of such an attack and the experience of other institutions in similar circumstances,” it wrote in an update.
The library has said cardholder and donor databases were unaffected, but some customer, volunteer and donor data that was on acompromised server may have been exposed.
Services that remain unavailable include printing, library card renewals, and some digital collections, along with placing, suspending or managing holds.
This report by The Canadian Press was first published Nov. 24, 2023.