Emotet malware infects Annapolis Library computers, affecting over 5,000 customers

• Nearly 600 staff and public library computers were compromised by the attack.
• The library upgraded its detection tools and deployed virus scanner systems to identify suspicious emails.

The officials of Anne Arundel County Public Library, Annapolis, announced that the library suffered a data breach that might have impacted almost 5,000 customers. The breach occurred on September 17, and nearly 600 staff and public library computers were compromised by the attack.

Some of the library computers were infected with the Emotet banking trojan on October 4. The malware was distributed via spam emails to the library’s computers.

“Nearly 600 staff and public library computers were recently exposed to the Emotet virus. Positively identified on Thursday, the malware infection resulted from a sophisticated email reuse,” the library’s officials said in a statement.

While the library officials are yet to estimate the overall data loss, it revealed that no customer information was stored on the library’s database. However, those who used the library computers during the time of the breach to access bank accounts have been urged to check their banking account details.

“While the library had no breach of customer information, any patron who used a public library computer during that time to access bank accounts, purchase goods or services using a credit card or entered their social security number on a website should check their accounts for fraudulent activity and change their passwords,” Anne Arundel County Public Library said.

The library said that it implemented several security measures to mitigate the attack. It has also upgraded its detection tools and deployed virus scanner systems to identify suspicious emails. In addition, the staff is also being trained on how to detect potential threats.

“The library has already upgraded its defenses by investing in a new more sophisticated enterprise-wide virus scanner system that not only looks for virus signatures but also identifies suspicious software behavior across the entire network. Staff is also being trained on how to more quickly identify potential threats. We expect library computers to be operational sometime Tuesday or Wednesday,” the officials added.