The Boston Public Library (BPL) has disclosed today that its network was hit by a cyberattack on Wednesday, leading to a system-wide technical outage. BPL serves almost 4 million visitors per year through its central library and twenty-five neighborhood branches, as well as millions more online. It is the third-largest public library in the United States behind the federal Library of Congress and the New York Public Library, based on the total number of items it holds. “The library is currently experiencing a significant system outage and online library services that require login are unavailable,” a notice on the library’s site currently reads. In a statement published earlier today, BPL said that the ongoing technical outage was caused by a cyberattack that hit its systems on Wednesday. “On Wednesday morning, 8/25, the Boston Public Library experienced a systemwide technical outage due to a cybersecurity attack, pausing public computer and public printing services, as well as some online resources,” the library states. “Affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shut down network communication.” An ongoing investigation in collaboration with law enforcement and the Mayor’s IT experts has not yet found any evidence of employee or patron data stolen from the impacted systems. BPL’s IT department is now restoring all affected devices and services, with physical locations some online services still available. “We apologize for any inconvenience this outage may have caused patrons,” said Kurt Mansperger, Chief Technology Officer of the BPL. “Thank you for your patience as our team and law enforcement officials work to restore our digital services and protect the library from future attacks.” Today’s statement comes after BPL informed the public of the attack on Wednesday through a short tweet saying that the outage impacted computers, printers, and some online resources. A Boston Public Library spokesperson was not available for comment when reporters reached out earlier today for more details on the nature of the attack.
Even though it does not appear that any personal data was involved in this breach, it is recommended users with online registrations with the Boston Public Library change their passwords associated with their login. If those login credentials are shared with any other logins, those should be changed as well. Passwords should be unique to the login and be made complex with the use of special characters, numbers, and case-sensitive characters.