July 6, 2021

KASEYA VSA BREACH

Over the past several weeks, Bibliotheca has worked closely with Kaseya VSA to update our on-premises server to full functionality. After extensive testing, we are now satisfied with the server’s status and confident that all identified security gaps have been eliminated.

Bibliotheca’s support system is now back online and operating normally. Any customers wishing to log in to VSA will be prompted to set up two-factor authentication. This requirement cannot be bypassed. Several authenticator apps work well with VSA, including the popular Google Authenticator.

We know this has been a difficult time for our customers. We sincerely appreciate your patience as we worked to ensure the best possible security for our remote access system.

On Sunday, July 11^th, Kaseya released a patch for their VSA servers designed to safeguard against the type of attack that took place on July 2^nd. Although Bibliotheca’s VSA server was not breached, we are taking every precaution to ensure the server is secure before we bring it back online for our customers. We are currently updating our server and applying and testing Kaseya’s patch. Once we are fully satisfied with its performance, we will relaunch the service and bring Support back to its normal operational capacity. We understand it is important for our customers to have the VSA service back online as soon as possible. We appreciate your patience while we test the service to ensure its safety. Should you need any Support while the VSA server is offline, please visit our Support page at bibliotheca.com/support and use the Teamviewer link to help us connect to your device. You will need to re-establish a new connection with Teamviewer for every inquiry, as it does not install on your system with a continuous connection.

Thank you for your patience!

On Friday, July 2nd 2021, we were made aware of the security incident caused by a cyberattack on Kaseya, and we immediately shut down our VSA server. At the time of the shutdown—and presently—there was no indication that we had been affected by the data breach. Since then, by using a specifically designed detection tool, we have confirmed that our server was NOT compromised. We have no reason to believe any Bibliotheca customer or personal data has been compromised. We are working with Kaseya to continue to monitor the situation and will update this communication once we confirm with Kaseya that it is safe to bring their VSA server online again. Please check Kaseya’s website for the most up to date information.

About Bibliotheca

Bibliotheca is a global library technology partner helping libraries create more accessible, connected, and intuitive experiences for their communities. For more than 50 years, the company has worked with libraries to simplify everyday operations, support staff, and give patrons more flexibility in how they access services, resources, and spaces.

Today, Bibliotheca works with more than 30,000 libraries across 21 countries. Its solutions support self-service, returns, extended access, digital engagement, and accessibility-focused experiences, all designed around the real needs of modern libraries and the communities they serve.

For more information on this release, please contact
info@bibliotheca.com.