'Offshore Actor' Caused Cyberattack on Seattle Public Library

WASHINGTON, Sept. 20, 2024 – In late May, the Seattle Public Library was hit by a cyberattack, forcing SPL to take offline many electronic features, including library accounts, book catalogs, e-books, in-building Wi-Fi, and public computers and printers.

After saying little for several months about the nature of the debilitating attack, SPL officials have begun to discuss some of what happened.

On Thursday, Laura Gentry, SPL’s Head of Communications, disclosed in an email to Broadband Breakfast that the cyberattack came from "an offshore actor that is not affiliated with a nation state or terrorist organization."

Like many cyber criminals, the outfit ​that targeted the SPL sought ransom.

"​The group demanded a considerable amount of money, one that the Library could not have afforded even if we had considered paying their ransom, which we did not do," Gentry said.

On Tuesday, the FCC said eligible schools and libraries were now able to apply for a share of the $200 million in Universal Service Fund money that the agency has set aside to harden schools and libraries against cyberattacks.

The test program, which is to run for three years, will help participating schools and libraries to defray the costs of eligible cybersecurity services and equipment, such as advanced firewalls, endpoint protection, and identity protection and authentication, the FCC said.

In 2023, SPL had a record-high 293,000 active patrons, providing physical and digital materials over 13.3 million times. The library also provided access to more than 340,000 public computer sessions.

SPL, Gentry said, still needed to keep some information about the cyberattack from public release.

"As we are still conducting an active data investigation, and in the interest of not promoting bad actors, we are not naming the ransom group at this time or specifics about their demands," she said.