Hackers Broke Into St. Louis Public Library Though Voicemail Server


St. Louis Public Library, Central Branch. - PHOTO VIA FLICKR/VALERIE

Nearly two weeks after its server was infiltrated by hackers and held for ransom, the St. Louis Public Library has announced that most of the institution's computer systems are up and running again.

"[A]ll St. Louis Public Library technology used by patrons has been restored," wrote library executive director Waller McGuire in an email to patrons Tuesday night. (The full statement is also available on the library website.)

The ransomware attack on January 19 left the library essentially crippled. On the day of the digital intrusion, patrons were unable to use the library system's 700 public computers or check out items like books or movies. Library employees logging into their own computers were greeted with a ransom message that demanded payment in exchange for access to the library's network and data.

The library, however, never gave the demand a second thought.

"Staff brought the demand to me within moments of discovering it, and we were on the phone with the FBI moments later," McGuire wrote. "Although I understand that the decision to pay can be complex for many institutions and companies, SLPL never considered it."

According to McGuire, an FBI investigation identified a four-year-old voicemail server as the hackers' entryway to the library's systems.

Despite the seriousness of the attack, the library's critical patron services were restored in a matter of days, McGuire wrote. McGuire also reassured patrons that the hackers were not able to access the library's trove of personal information because that data is stored in a "remote location and kept secure."

The work to repair the library's systems isn't over, however. While patrons may now happily check out their books and other materials, many of the employees' computers must be wiped and restored, and this is causing all sorts of predictable problems for retrieving the data once hosted on those computers.

Overall, the attack inflicted little actual damage to the library's services, but it's worth noting that it takes a special kind of asshole to both extort a library and  deny its patrons the ability to read, study and learn.

"I feel public libraries are a deeply American idea," McGuire wrote, concluding the Tuesday email. "Libraries embody the belief that our communities improve themselves by providing open access to the vital world of information and learning. That everyone in our community is enriched when anyone can walk through our doors and help themselves to the rich resources we offer. Increasingly those resources are digital and accessed online. This attack attempted to hold information ransom. That frightens and angers all libraries and librarians, and it should anger you."

Follow Danny Wicentowski on Twitter at @D_Towski. E-mail the author atDanny.Wicentowski@RiverfrontTimes.com

Support Local Journalism.
Join the Riverfront Times Press Club

Local journalism is information. Information is power. And we believe everyone deserves access to accurate independent coverage of their community and state. Our readers helped us continue this coverage in 2020, and we are so grateful for the support.

Help us keep this coverage going in 2021. Whether it's a one-time acknowledgement of this article or an ongoing membership pledge, your support goes to local-based reporting from our small but mighty team.

Join the Riverfront Times Club for as little as $5 a month.