Cariboo Regional District Informed their Library Network Was Impacted By A Data Breach

The CRD said in a release that on April 25^th they were notified by BC Libraries Cooperative that the system had experienced a security incident.

The data breach impacted users of several library networks which use the ILS system, operated by a third-party service provider.

“Anyone who received notifications through that system would have had their phone number or email address leaked as part of an activity log from that system.” CRD Communications Manager Gerald Pinchbeck said, “The information that was accessed from that data breach is limited to only those email addresses and phone numbers that was sent during March 27 and April 19.”

Pinchbeck noted that the content of the notifications weren’t leaked nor was the identity of the individuals who owned those email addresses and phone numbers.

The Cariboo Regional District and the Cariboo Regional District Library Network will not contact library patrons by unsolicited email or text messages to demand an online payment, request personal information, or to obtain sensitive information.

The Library Network’s system will only contact you to let you know that an item you’ve requested is available and to send reminders to return overdue items from the library collection.

“If you receive a notice from the CRD, and it’s questionable, you’re really not sure about what it is, you can always give one of our libraries a call and ask about the legitimacy of that email. The other thing you can do is just make sure you are not sending sensitive information over email or text and make sure that you’re staying up-to-date on your software on your mobile device and on your computer.”

The Cariboo Regional District has placed a notice on their website and have also linked to that notice from within the affected software, describing the extent of the breach and steps you can take to help combat any potentially resulting spam or phishing attempts.

“When the data breach was identified they immediately worked to close that exploit so that the attacker was not able to access any further data by accessing the contact log. So that has been closed and they’re looking at other appropriate actions they can take to enhance their security,” Pinchbeck said.

He added at this time the CRD is not aware of anyone in the Cariboo who would have been impacted by this attack but we do want to highlight that phishing scams are highly common in our digital world and something to be vigilant for.