Anne Arundel County Public Library (AACPL) officials today announced that its public computers remain unavailable for use as a result of exposure to the Emotet virus. Information technology professionals are still working to permanently remove the virus and the complicated process will likely take another two weeks.
Recognizing the severity of the situation, library officials are hiring internet security experts to assist with eradicating the virus and cleaning the network. The selected firm will work to permanently disinfect the machines as quickly as possible.
Positively identified on Thursday, October 4, the malware infection resulted from a sophisticated email scam. Customers who used public computers since September 17 were already warned to check their bank and credit card accounts for fraudulent activity.
On October 11, officials discovered that a database of customers who used library computers or the business services kiosk for copying, faxing printing was exposed to the virus. This database, dating back to November 2015, contains library card numbers, customer names and birthdates. No other information, including social security or credit card number, is stored on library servers or is at risk for exposure. However, customers should remain vigilant about their personal information and change any account passwords if they used AACPL computers or the library’s copying, faxing or printing business services kiosk.
“We sincerely apologize for the inconvenience this attack may have caused our customers,” said AACPL CEO Hampton “Skip” Auld. “Along with many organizations, we’ve discovered vulnerabilities through this breach and are taking comprehensive steps to prevent any future incidents. The library is committed to protecting customers against the misuse of their personal information and we take security issues very seriously.”
Consider these tips to help protect your personal information online:
- Don’t open emails from senders you do not know.
- Be extremely cautious before opening links or attachments from unknown third parties.
- Beware of unusual emails that appear to be from senders whose names you know.
- Don’t give out your User ID or password in an email.
- Don’t respond or reply to emails that require you to enter personal information directly into the email.
- Don’t use your email address as a login ID or password.
- Change passwords on a regular basis and immediately change any passwords that may have been compromised.
If you believe you’ve been affected by this breach, visit the consumer page of the library’s website at www.aacpl.net/consumerfor resources to help.