Alameda County Library Suffers Cybersecurity Leak

Alameda+County+Library%27s+database+includes+ten+branch+libraries+in+seven+cities.+

Google Images

Alameda County Library's database includes ten branch libraries in seven cities.

Albert Zhu, Staff Writer

On Sept. 11, the Alameda County Library was contacted by perpetrators who claimed to be in possession of the Library’s database of patron names and addresses. They provided a list of thirty-five patrons’ information to the Library, and attempted to sell the information. The Library responded by reporting the perpetrators to local law enforcement, who are still working to find and apprehend the perpetrators involved.

In addition to mailing letters to the thirty-five known affected patrons, Alameda County Library has sent emails to all its registered members, notifying them of the incident.

“We highly value the privacy and security of our members, and we have been working to find out how this happened and make to sure it doesn’t happen again,” Janet Cronbach, Acting Reference Supervisor of Alameda County Library’s Fremont branch said.

There are approximately 400,000 library holders with personally identifiable information in Alameda County Library’s database, which records a name, address, telephone number, and library card number for registered members. The Library does not collect personal information that can be used against members, such as social security number, credit/debit card information, or medical information.

“The data provided by the perpetrators to the Library did not contain additional personal information that the Library collects, such as birth-date, driver’s license number, or e-mail,” Alameda County Librarian Cindy Chadwick said.

To improve database security, the Library is seeking to implement new ways to store members’ information.

“We have people working on improving the security of our databases in order to prevent possible future incidents from happening,” Cronbach said.

Currently, the Library is still in the process of investigating how many members’ information was leaked. However, there have not been any more threats or actions taken by the perpetrators since Sept. 11.