Cyber Incident Victim: Volusia County Public Library

The cyber incident impacting Volusia County Public Library (VCPL) began at approximately 7:00 AM on January 9, 2020, disrupting operations across its branches in Daytona Beach, Florida. County technology staff were immediately notified and initiated coordinated recovery efforts with library personnel. The attack resulted in the takedown of 600 staff and public access computers, significantly limiting digital services. Despite this disruption, core library functions such as checking out physical materials remained operational, and the library’s website server was unaffected, preserving online resources and patron access to digital catalogs. Public Wi-Fi services also continued functioning normally, allowing patrons to use personal devices within library facilities. By January 21, approximately 50 computers had been restored, enabling basic staff functions like processing book checkouts and reservations. Full restoration of all public access computers was projected for completion by January 24.

While VCPL’s official statements did not explicitly confirm ransomware as the attack vector, circumstantial evidence—including the widespread encryption of systems—strongly suggested its involvement. The county launched an investigation to determine the incident’s origin and scope, with further details pending release. Concurrently, a separate ransomware attack had affected 26 libraries in Contra Costa County, California, on January 3, 2020, disrupting services such as public printing, Wi-Fi, and account logins. By January 17, most California library services had been restored, though some remained offline. VCPL’s response prioritized maintaining partial operations while emphasizing transparency about recovery timelines, with library officials apologizing for inconveniences and requesting patron patience during restoration efforts.