The municipally-owned Toronto Zoo has been hit by a ransomware attack.
The cyber attack was first detected early Friday, Jan. 5, the zoo said in a statement Monday,
“We are investigating the impact, if any, to our guests, members and donor records,” the statement says. “We can confirm we do not currently store any credit card information. Once we have more information we will share it broadly.
In addition to member and donor records, the IT system might have information on the 273 permanent full-time and 330 part-time or seasonal employees.
“We are working with the City of Toronto’s Chief Information Security Office and third-party cyber security experts to resolve the situation and have reported it to Toronto Police Services” the statement said.
The internationally respected zoo is located in a river valley at the eastern edge of the city, spread over 287 hectares (710 acres). It attracts about 1.3 million visitors a year. Its collection includes 5,816 animals, not including invertebrates, representing 495 different
species.
Asked for comment, Katie Gray, the zoo’s strategic communications manager, said, “We can’t share anything further than what’s in the release.”
The incident comes after a ransomware attack in October on the Toronto Public Library system. Among the questions is whether there is a link between that attack and the zoo compromise. The City of Toronto was itself one of the over 2,000 victim organizations of the vulnerability in the MOVEit file transfer application, which was leveraged by the Cl0p ransomware gang last May.