{"id":42944,"date":"2023-11-15T16:37:56","date_gmt":"2023-11-15T21:37:56","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=552927"},"modified":"2023-11-17T08:47:51","modified_gmt":"2023-11-17T13:47:51","slug":"data-on-current-former-toronto-library-staff-stolen-in-ransomware-attack","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/data-on-current-former-toronto-library-staff-stolen-in-ransomware-attack\/","title":{"rendered":"Data on current, former Toronto library staff stolen in ransomware attack"},"content":{"rendered":"<p>Toronto&#8217;s public library system has acknowledged that the ransomware gang that hit it last month stole personally identifiable data of employees.<\/p>\n<p>&#8220;At this point in our investigation we believe current and former staff employed by Toronto Public Library (TPL) and the Toronto Public Library Foundation (TPLF) from 1998 are impacted,&#8221; <a href=\"https:\/\/torontopubliclibrary.typepad.com\/tpl_maintenance\/toronto-public-library-website-maintenance.html\"  rel=\"noopener\">the library said Tuesday.<\/a> &#8220;Information related to these individuals was likely taken, including their name, social insurance number, date of birth and home address.<\/p>\n<p>&#8220;Copies of government-issued identification documents provided to TPL by staff were also likely taken.<\/p>\n<p>&#8220;We did not pay a ransom.<\/p>\n<p>&#8220;Our cardholder and donor databases are not affected. However, some customer, volunteer and donor data that resided on the compromised file server may have been exposed. It will take us time to analyze data to determine who is affected and how. We will continue to be transparent and notify those affected as appropriate and in light of our findings.&#8221;<\/p>\n<p>The municipally-run library is offering two years of complimentary credit monitoring to current and past employees.<\/p>\n<p><a href=\"https:\/\/www.itworldcanada.com\/article\/ransomware-was-behind-toronto-public-library-attack\/552156\"  rel=\"noopener\">The library said last week the Oct. 28 attack was ransomware.\u00a0<\/a>Initially it said there was no immediate evidence that data of staff had been stolen.<\/p>\n<p>Municipalities and their library systems are part of what Ontario calls the broader public sector, which also includes hospitals.<\/p>\n<p>Last year, the provincial government <a href=\"https:\/\/www.itworldcanada.com\/article\/some-in-ontario-broader-public-sector-are-struggling-with-cybersecurity-panel-chair\/513580\">received a report from an expert panel<\/a> on cybersecurity in the provincial broader public sector, which concluded there has been a \u201csystemic underinvestment in both legacy technology replacement and cybersecurity&#8221; in the broader public service (BPS).<\/p>\n<p>A key recommendation was that the province create a single body to oversee cybersecurity across the entire broader public service, dispensing advice and demanding accountability. It would augment current governance structures responsible for sector-specific cyber security risks<\/p>\n<p>In response to that report, the government said it \u201caccepted recommendations outlined in the final report.\u201d However, no timeline for implementing the recommendations was given.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/data-on-current-former-toronto-library-staff-stolen-in-ransomware-attack\/552927\">Data on current, former Toronto library staff stolen in ransomware attack<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Toronto\u2019s public library system has acknowledged that the ransomware gang that hit it last month stole personally identifiable data of employees. \u201cAt this point in our investigation we believe current and former staff employed by Toronto Public Library (TPL) and the Toronto Public Library Foundation (TPLF) from 1998 are impacted,\u201d the library said Tuesday. \u201cInformation<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[58,361,16],"tags":[392,393,275],"class_list":["post-42944","post","type-post","status-publish","format-standard","hentry","category-government-public-sector","category-privacy","category-security","tag-ransomware","tag-security-strategies","tag-top-story"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/42944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=42944"}],"version-history":[{"count":1,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/42944\/revisions"}],"predecessor-version":[{"id":42945,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/42944\/revisions\/42945"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=42944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=42944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=42944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}