sowny.net | The Southern Ontario/WNY Radio-TV Forum


You are not logged in. Would you like to login or register?

November 1, 2023 3:19 pm  #1


Why would someone hack the Toronto Library?

 

November 3, 2023 8:02 am  #2


Re: Why would someone hack the Toronto Library?

Why would someone hack hospitals...

 

November 3, 2023 9:45 am  #3


Re: Why would someone hack the Toronto Library?

Yeah really eh? They should be putting their energy into radio stations.
 


RadioWiz & RadioQuiz are NOT the same person. 
RadioWiz & THE Wiz are NOT the same person.

 
 

November 3, 2023 10:03 am  #4


Re: Why would someone hack the Toronto Library?

Two thoughts....

i) Is it really / truly hacked or did it become inoperable due to a maintenance routine (or lack there of)?  

I know of a few  issues last weekend where the main website was based on Wordpress and while Wordpress itself was not the issue, some of the "3rd party" site "looks" or "themes" were... A lot of issues with Wordpress are due to vulnerabilities with the 3rd party looks / themes... they are regularly attacked as security weaknesses are targeted and compromised.

ii) Maybe it is just someone or a group trying to see what they can do?  Kind of a "test run" before they go after bigger fish....?  

 

 

November 3, 2023 10:16 am  #5


Re: Why would someone hack the Toronto Library?

So that they pay the ransom to have their data unlocked.

TPL has a budget of ~200 million and 2,500 employees. It's a pretty big fish

 

November 3, 2023 10:32 am  #6


Re: Why would someone hack the Toronto Library?

Whoever the culprit is, I hope they throw the book at him. 

 

November 3, 2023 4:35 pm  #7


Re: Why would someone hack the Toronto Library?

Glen Warren wrote:

Two thoughts....

i) Is it really / truly hacked or did it become inoperable due to a maintenance routine (or lack there of)?  

I know of a few  issues last weekend where the main website was based on Wordpress and while Wordpress itself was not the issue, some of the "3rd party" site "looks" or "themes" were... A lot of issues with Wordpress are due to vulnerabilities with the 3rd party looks / themes... they are regularly attacked as security weaknesses are targeted and compromised.

ii) Maybe it is just someone or a group trying to see what they can do?  Kind of a "test run" before they go after bigger fish....?  

 

https://torontopubliclibrary.typepad.com/tpl_maintenance/toronto-public-library-website-maintenance.html
 

     Thread Starter
 

November 6, 2023 11:14 pm  #8


Re: Why would someone hack the Toronto Library?

 

November 6, 2023 11:38 pm  #9


Re: Why would someone hack the Toronto Library?

It's taking longer than Rogers. 
 

     Thread Starter
 

November 7, 2023 7:26 am  #10


Re: Why would someone hack the Toronto Library?

Whatever the reason is for the library being down, I sure hope it gets fixed soon!  I am lost without my books!!

 

November 7, 2023 7:55 am  #11


Re: Why would someone hack the Toronto Library?

Greg Brady was talking about this on Tuesday, saying they'd suffered a ransomware attack and still have not been able to get fully back online, almost two weeks later. If that's true, it doesn't appear they've paid the hackers, if they're still down all this time later. 

How ironic - the one thing you can't hack is a printed book!

 

November 10, 2023 1:29 pm  #12


     Thread Starter
 

November 14, 2023 6:44 pm  #13


Re: Why would someone hack the Toronto Library?

Looks like employee information was compromised. No ransom was paid. 

https://torontopubliclibrary.typepad.com/tpl_maintenance/toronto-public-library-website-maintenance.html

     Thread Starter
 

November 14, 2023 8:51 pm  #14


Re: Why would someone hack the Toronto Library?

I use the library a lot and it hasn't affected me except for looking up their digitized newspaper editions from way, way back in time and searching for a physical book I wanted.    I just finished an audio book and took out a e-book yesterday without any problem.   It's a pain if anyone is looking for a book that is physically in the library system but not if it's on the virtual side (unless it's newspapers). 

The Toronto library online is broken up into several independent segments and some look like they're contracted out, so that's why the entire system wasn't compromise.   As for why it was hacked, it's probably a ransomware attack because they don't store a lot of info other than name, address and email.      If it's employee information, that's another story because it involves SINs and compensation as well which is great for identity theft.    

I think they should have been far more transparent than they were about the nature of the attack.   I was sick of being kept in the dark.   Libraries usually don't have the stringent security that we find in corporate environments but some parts of their system were more robust than others.
 

Last edited by SpinningWheel (November 14, 2023 9:00 pm)

 

November 14, 2023 8:58 pm  #15


Re: Why would someone hack the Toronto Library?

RadioActive wrote:

Greg Brady was talking about this on Tuesday, saying they'd suffered a ransomware attack and still have not been able to get fully back online, almost two weeks later. If that's true, it doesn't appear they've paid the hackers, if they're still down all this time later. 

How ironic - the one thing you can't hack is a printed book!

What's also ironic is that the part of the system where you ordered books or arranged to transfer them from other locations is still offline, while e-books and audio books are fine.   The latter is probably under another system.   It looks like it's contracted out.
 

 

November 14, 2023 10:59 pm  #16


Re: Why would someone hack the Toronto Library?

SpinningWheel wrote:

while e-books and audio books are fine.   The latter is probably under another system.   It looks like it's contracted out. 

Yes, like most libraries who make such agreements, these "multimedia" materials are provided by third-party content providers like Naxos, Flipster, Hoopla, Kanopy, Overdrive, Pressreader, etc.  They are not housed on any TPL server cloud or on-prem infrastructure.
 

 

November 23, 2023 10:27 pm  #17


Re: Why would someone hack the Toronto Library?

     Thread Starter
 

November 24, 2023 10:27 am  #18


Re: Why would someone hack the Toronto Library?

To answer the question "Why would someone hack the Toronto Library" - low hanging fruit? It's a large institution with a budget in the hundreds of millions of dollars but not one managers would think requires the level of security that other government (or commercial) institutions would have so it's a soft target. I expect just as universities (and now hospitals0 have tightened up their cybersecurity after a number of high profile cyberextortion incidents, libraries will now have to invest money doing this.  

 

November 24, 2023 1:08 pm  #19


Re: Why would someone hack the Toronto Library?

Since libraries do not generally compete with one another, and generally collaborate (inter-library loans etc), you'd think digitization and electronic communications would be tasked to a library association to come up with and support a platforms. Keeping iron walls between organizations' private parts, of course, but doing things like building templates, system design, training network admins, having specialists on hand, etc. Same should go for hospitals, etc.

Maybe it's indeed already done along these lines...
 

 

November 24, 2023 3:17 pm  #20


Re: Why would someone hack the Toronto Library?

And then there's personal and financial information to be gained with hacking from those who have TPL library cards and have used debit/credit cards in the past to pay for overdue fines, photocopies or those nifty canvas tote bags.

Last edited by betaylored (November 24, 2023 3:19 pm)

 

January 5, 2024 4:07 pm  #21


Re: Why would someone hack the Toronto Library?

     Thread Starter
 

January 5, 2024 9:06 pm  #22


Re: Why would someone hack the Toronto Library?

The most relevant link for new updates is the landing page at:
https://torontopubliclibrary.typepad.com/tpl/home.html
They've mentioned the "later in January 2024" timeframe they reference for a while now, but these things can, unfortunately, take some time.

 

March 4, 2024 6:47 pm  #23


Re: Why would someone hack the Toronto Library?

Its back after  four months. This George Harrison bio is the first book I ordered:

https://www.torontopubliclibrary.ca/detail.jsp?Entt=RDM4420689&R=4420689

Last edited by cash (March 4, 2024 6:48 pm)

     Thread Starter