State Library of NSW responding to April cyber intrusion

“We understand how frustrating the extended service disruption has been for our members and users, and sincerely appreciate your patience as we work through this issue.”

The library initially reported an “extended service disruption” on 1 May, impacting access to its Library Catalogue and member pages. On 6 May, the library said it was “working around the clock to restore services”, before disclosing further details of the incident on 14 May.

“The State Library would like to inform our library community that the current service disruption is the result of a cyber incident,” the library said.

“As soon as we became aware of suspicious activity in our catalogue on 27 April, we took immediate action to secure library systems, including shutting down access to the member portal as an additional precautionary measure. Protecting the personal information of our members, supporters and staff is always our first priority.”

The library said at the time it was working with the Department of Creative Industries, Tourism, Hospitality and Sport and Cyber Security NSW, but had so far found no evidence that personal information had been accessed, nor had its catalogue records been tampered with.

“While there was no evidence of a data breach, we are taking this matter extremely seriously and have fulfilled all mandatory reporting requirements,” the library said.

VIEW ALL

“Our team is now in the process of strengthening our online environment and planning a staged return to full services.”

As of the time of writing, the following services remain unavailable:

• Library catalogue and digital collections
• Library member registration
• Library member login
• E-resources and databases.

No threat actor has claimed responsibility for the incident.