Workers’ SIN, IDs likely taken in Toronto library hack, could end up on dark web: TPL

The Toronto Public Library says information on current and former employees has likely been taken in a cyberattack, including social insurance numbers and copies of government-issued identification.

The library says hackers stole a large number of files from its servers in an attack that first came to its attention on Oct. 28.

It says cardholder and donor databases were unaffected, but some customer, volunteer and donor data that was on the compromised server may have been exposed.

In an update this week, the library says current and former staff employed by the library and its charitable foundation from 1998 have been affected.

It says staff names, home addresses, social insurance numbers, and copies of their government-issued identification were likely taken in the cyberattack.

The library says it did not pay a ransom and it’s aware that stolen data connected to the cyberattack may end up on the dark web.

“It is so unfortunate that data security and ransomware incidents are becoming increasingly common, and that public sector organizations including hospitals, schools and libraries – all dedicated to the betterment of the community – are being targeted,” said the update from the library.

This report by The Canadian Press was first published Nov. 15, 2023.