On November 15, the Toledo Lucas County Public Library announced that digital services have been restored, including public computers, WiFi access, public-facing catalog functions and the website.
“The library appreciates your patience, understanding and support during this event,” said Jason Kucsma, director. “We also understand that you may have questions regarding what transpired over the past two weeks.”
The following are questions regarding the ongoing digital forensics investigation.
Why has it taken so long to restore services?
The library needed to take the time necessary to thoroughly examine our systems before carefully bringing everything back online.
That includes a catalog system serving almost 300,000 cardholders across 20 locations; 90 servers; 1,500 public and staff computers; a website that gets more than 1 million visits per month; and a complex data center that is monitored 24/7 to process requests from our users and guard against cybersecurity threats.
Our entire operation had to be taken offline, investigated for lingering threats, and carefully brought back online to ensure vulnerabilities did not persist.
Should community members be concerned about their personal information?
We are still completing the investigation, and if any sensitive information was compromised, we will contact anyone affected. The library very intentionally maintains only the basic information needed to provide excellent customer service. We do not keep credit card information, Social Security numbers, or borrowing history, for example.
Does the library know how this happened?
We are still completing the investigation, so we don’t have any information we can share at this time.
What changes will the library make based on what has been learned?
To be clear, the library has a comprehensive cybersecurity defense system, but the scale of risk continues to escalate for all organizations. We will continue to assess and address where our vulnerabilities may be, and use this incident to become an even stronger organization.
How much taxpayer money has been spent on solving this?
Part of our comprehensive risk management includes cybersecurity insurance. At this point, the only known expense we will incur is the policy’s deductible to resolve the issue.
Is the library paying a ransom?
We have not paid a ransom nor do we plan to.
