In late March, an unauthorized party accessed a limited amount of data for a small number of Libraries in Clackamas County (LINCC) patrons. The unauthorized party accessed the name, library card number, telephone number and birthdate of approximately 185 people, or one-tenth of one percent (0.105%) of the approximately 176,000 patron records in the system.
LINCC is working with its library system vendor, SirsiDynix, to conduct a thorough investigation. A third-party team of forensic and incident response experts confirmed that this was a single, isolated incident and verified that no additional patron data had been accessed. LINCC and SirsiDynix have also been working with federal law enforcement to investigate this unauthorized access.
LINCC continues to be committed to preserving the confidentiality of library patron information. In addition, the County does not store social security number or credit card information. Both the County and SirsiDynix have taken additional precautionary measures to further protect patron data.
While this incident is limited in scope, LINCC is sharing this information, via this press release, with all library patrons.
All residents of Clackamas County, library patrons and others, are encouraged to be mindful about telephone or email scams, especially when asked to provide sensitive financial information. LINCC libraries can help members of the public identify resources for protecting their identity. The Consumer Financial Protection Bureau also provides helpful information about how to avoid fraud and scams. Learn more on the Consumer Finance Protection Bureau website.