Library restores most services:Investigation into June ‘data incident’ continues

Library restores most services:Investigation into June ‘data incident’ continues
Some aspects of the library’s computer system remain unavailable due to the hack. (Photo/

By Katie Clifford

Six weeks after a “data incident” involving the Alexandria Public Library computer system – which required the library to engage cybersecurity professionals and law enforcement – the investigation is still on-going. Though many library services were initially disrupted, most had been restored as of Tuesday.

Nathan Carrick, senior communications officer for the library, said in an email exchange that some aspects of the library’s computer sys- tem remain unavailable due to the hack.

“While several Library services that were initially impacted have been restored, such as access to the public wi-fi, the Library catalog and borrowing of e-books and e-audiobooks through the Libby app … [the library] is working diligently to restore other services such as access to public computer stations and public printing which are currently unavailable,” Carrick said in an emailed response on August 3.

Carrick said that as of this Tuesday, public internet and printing have been restored at all branches except for Burke. A comprehensive list of services can be found on the library’s website: library-services-FAQ

The library’s website mentions that at present payments for most fees and services cannot be accepted. The incident announcement with a link to more information for the public is displayed at the top of the Library’s homepage.

The Alexandria Library first became aware of the data incident on June 26, Carrick said in the August 3 email.

“As indicated on our website, the Alexandria Library system is experiencing a partial network outage due to that data incident. As soon as we became aware of the situation, the library’s leadership immediately engaged cybersecurity professionals and contacted law enforcement to remediate and investigate this incident,” Carrick said in the email.

Carrick said because the investigation is still ongoing, the library “cannot comment further on the specifics of the incident at this time.”

Despite the continuing investigation, which may take some time, it was business as usual at the Charles E. Beatley, Jr. Central Library in early August.

Visitors were busy on personal laptops and devices, do- ing research and taking online exams on the library’s available public wi-fi. Signing up for a library card was seamless – a brief online application and collection of a physical card, with proof of ID – and the foot traffic appeared steady.

That’s not to say some library users haven’t been left frustrated by the suspension of some of the usual services. Betty Guttmann, a regular library volunteer, recalled an incident about two weeks ago when a woman who came into the Beatley Jr. Central branch wanted to use the printers, not realizing they were inaccessible.

“She was shouting and carrying on and was evidently quite angry that she had come all the way to the library and couldn’t print,” Guttmann said. “But that was the only circumstance I can remember like that. In general, people have been very understanding.”

Guttmann, who said she didn’t feel as affected by the reduced services because she has devices at home, acknowl- edged that older seniors who may need computer assistance and people without access to a computer or printer in their own home, rely on the library’s services and perhaps have been more impacted.

Of the individuals in contact with the Times for this article, none had directly been affected or had their personal data compromised in the past six weeks or at the time the library became aware of the data incident.

The Alexandria Library branches include Charles E. Beatley, Jr. Central, Kate Waller Barrett branch, Ellen Coolidge Burke branch, James M. Duncan Jr. branch, Local History/Special Collections branch and the Alexandria Law Library. Internet accessible computers are available at Central, Barrett, Burke, Duncan and the Law Library.

According to the Library’s website, internet computers “include access to Google Chrome, Microsoft Edge and Mozilla Firefox, Microsoft Office 2019 (Word, Excel, and Powerpoint), Alexandria Library’s eCollection databases and Library Catalog as well as Ancestry Library. Access to these computers is permitted to all Alexandria Library cardholders as well as any visitor wishing to use a free guest pass for a computer session.”

In the “Library Policies” section of the website under “Public Computer Use” is the disclaimer: “The Library is not responsible for damage to a customer’s USB, or for any loss of data, damage or liability that may occur from customer’s use of the Library’s computers.”

The company called in to deal with the breach, The Cybersecurity and Infrastructure Security Agency, could not provide details on an ongoing investigation, but their website sheds some light on their approach to situations like this.

According to their website, CISA “works with partners to defend against today’s threats and collaborate to build a more secure and resilient infrastructure for the future” and is listed as a resource on the City of Alexandria’s Information Security Office page.

CISA’s external affairs adviser Antonio Soliz shared a resource with the Times titled “Federal Government Cybersecurity Incident and Vulnerability Response Playbooks,” which outlines “operational procedures for planning and con- ducting cybersecurity incident and vulnerability response activities in Federal Civilian Executive Branch (FCEB) information systems.”

According to the document, these playbooks provide “a standardized response process for cybersecurity incidents and describes the process and completion through the incident response phases as defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61 Rev. 2,5 including preparation, detection and analysis, containment, eradication and recovery, and post-incident activities.”

The document in its entirety can be found at: federal-government-cybersec urity-incident-and-vulnerabil ity-response-playbooks

Despite not all Library resources being available for use, and the root of the issue still unclear to the public, Guttmann’s opinion is the data incident won’t deter visitors and cardholders from using the Library in the future, or even while the investigation is still ongoing.

“It’s still a wonderful resource for people,” Guttmann said. “The library is like the soul of the city, really.”