On April 25, 2024, we were notified of a privacy breach that affected all Sitka libraries (public libraries in BC that share the same integrated library system). The files contained the email addresses and phone numbers of patrons who had received automated notifications from the library system (i.e., checkout notices, overdue notices, hold notifications) between March 27 and April 19, 2024. Names and addresses were not leaked; since this breached information cannot be linked with individual files, we have assessed the privacy risk to be low.
Only the email addresses of people who received notifications (or the phone number of people who received SMS notifications) were leaked. The content of the notifications was NOT leaked. The leaked data does not say what the notifications were about, and it does NOT reveal any other information about patrons or their library use, such as checkouts and holds. The BC Library Co-op regrets that this happened and is working with the software provider to ensure this issue is resolved and does not occur again.
It is our understanding that the most likely risk from this information leaking is it being used to generate spam or phishing messages. We highly recommend you refer to https://antifraudcentre-centreantifraude.ca/scams-fraudes/phishing-hameconnage-eng.htm for more information. In addition, it may increase the likelihood of spear phishing messages – messages pretending to be from a person or system you are known to communicate with. Please know that the library will NEVER ask you for your password nor any other sensitive email like social insurance or banking information, nor ask for funds from you.
If you receive any message that appears to be from the library but is asking for any of these things, do not hesitate to follow up by calling us directly at if you are at all unsure of its truthfulness (250-442-3944). We are in touch with the Co-op for any updates or developments and will keep you informed if we receive any additional information.