Cybersecurity

Seattle Public Library suffers ransomware attack

The library website was temporarily down for days after the initial incident.
article cover

Erhui1979/Getty Images

· less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

No reading between the lines here—the Seattle Public Library has suffered a ransomware attack, the library confirmed on Tuesday via a post on X. A ransomware group targeted the library’s technology systems on May 25, a day before scheduled maintenance was set to take place.

The incident impacted access to staff and public computers, the library’s online catalog, e-books, onsite wi-fi, and its website, the library announced in a blog post. “The library quickly engaged third-party forensic specialists, contacted law enforcement, and took our systems fully offline to interrupt and better assess the nature and impacts of the event,” the blog post also said.

The library and its partners are investigating the source of the incident, working to “confirm the extent of the impacts and restore full functionality to our systems.” The library did not disclose technical details of the ransomware incident in its post.

Despite the incident, the library remains open for business, announcing that readers can still check out printed books and other physical materials using old-school paper forms.

This isn’t the first time a library has dealt with a cybersecurity breach. In 2023, IT Brew reported that the British Library suffered a ransomware attack—with the Rhysida ransomware gang leaking 600GB worth of data after the library “refused to engage,” according to Computer Weekly. The incident caused a “significant disruption to the organization’s services, which has still not been fully resolved,” the outlet noted in March of this year.

IT Brew reached out to the Seattle Public Library for comment. Laura Gentry, its head of communications, told us via email that they were able to restore the website Tuesday night and that “due to the nature of the event and the ongoing investigation, I’m unable to share details about the [ransom] request or the actors involved.”

“If any data/information is impacted, we will be notifying impacted parties directly. At this time, the investigation into the impacts of the event continues,” she wrote.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.