Baker & Taylor, a major distributor of books and other content to libraries, experienced a ransomware attack on about August 22, 2022. Disrupted services, include the Title Source 360 ecommerce system that libraries use to place orders for materials and the EDI services used for automated transactions with library systems. The Axis 360 ebook service was not impacted.
The outage of Title Source 360 was restored on the morning of September 7, ending a 17-day outage.
Few details are currently available regarding the incident. In response to an inquiry, on September 1, 2022, Baker & Taylor responded:
Baker & Taylor is working to restore from a ransomware incident that has impacted our network. We proactively took certain systems offline, and we regret the interruption this has caused our customers. We have engaged technical teams who are working around the clock to get us back online. The investigation into the root cause of this incident is ongoing and in its early stages. We will provide updates as additional relevant information becomes available.
The company was been able to provide additional details while focusing all resources on restoring services. This article will be updated as new information becomes available.
Impact of the incident
Baker &Taylor is the primary distributor for books and other materials for many libraries. Although most of its customers are public libraries, academic and school libraries also use its services. 360 Title Source provides the catalog of materials available as well as the ecommerce environment for libraries to purchase materials. In parallel with 360 Title Source, Baker & Taylor provides an EDI interface that automatically processes transactions with the acquisitions module of the library's ILS. Both of these services have been unavailable. Though outages such as these are disruptive at any time, this event comes when many libraries may be acquiring materials in advance of the beginning of the school year.
Details of the attack against Baker & Taylor
At the time of writing (September 5, 2022), few details are available regarding the nature of the attack targeting Baker & Taylor. The lengthy time of recovery (16 days and counting) suggests that Baker & Taylor did not pay the ransom demand. Messages from Baker & Taylor state that they have engaged external experts to assist with recovery.
During the outage, visitors attempting to select the Order features on the Baker & Taylor site received the default Windows ASP.NET 404 error response code rather than an explanatory message.
It is not known whether any customer data may have been compromised though the security incident.
Timeline
- Aug 21, 2022: Ransomware attack launched
- Aug 22, 2022: Server outages detected. B&T message posted on Twitter:
We sincerely apologize for the trouble this has caused. Over the weekend, a server outage impacted systems and applications across Baker & Taylor. We don't have an estimated restoration time at the moment, but will keep you updated via email and our corporate site.
- Aug 23, 2022: B&T Update:
Yesterday, we advised that over the weekend, a server outage impacted systems and applications across Baker & Taylor. Currently, Title Source 360, EDI, and the phone systems at our offices and service centers remain offline.
We have engaged a technical team that is working around the clock to restore business critical systems and to determine how this occurred.
We are working tirelessly to bring our systems back online. At this time, we believe disruptions may persist through this week. We will continue to provide status updates via email and this website.
- Aug 24, 2022: B&T update:
As we previously communicated, a server outage continues to impact systems and applications across Baker & Taylor. Title Source 360, EDI, and the phone systems at our offices and services centers remain offline.
We have engaged outside third party experts to help us resolve the issue and they along with our internal technical teams continue to work around the clock to restore business critical systems and to determine how this occurred. Unfortunately, at this time we continue to believe the disruptions will persist through this week. We will provide updates as additional relevant information becomes available.
- Aug 30, 2022: B&T Twitter post:
Thank you again for your patience and partnership as we recover from last week's ransomware attack. We expect disruptions to continue this week but are hopeful we can provide timelines for individual systems and applications as the week progresses.
- Sept 1, 2022: B&T update:
Thank you again for your patience, kind words, and partnership as we recover from last week's ransomware attack. Our team has been working around the clock to return to normal operations.
Our priority has been remediating our systems and ensuring they are sanitized. As that work is completed, our focus is transitioning to restoration, bringing our systems online, and returning to operations in a phased approach. We expect disruptions to continue this week but are hopeful we can provide timelines for individual systems and applications as the week progresses. Thank you for your understanding.
- Sept 2, 2022: B&T update:
As Baker & Taylor has previously announced, we detected a ransomware incident that is affecting several B&T services. Our IT staff and others are working incredibly hard to restore our systems to allow us to continue serving our customers, and we are pleased to report that we are making good progress on these efforts. Our phone systems are operational, and our value-added services are being brought back online in our service centers.
As we continue our recovery efforts, we understand that you may be concerned about whether it is safe for you to interact with Baker & Taylor electronically. We want to assure you that confirming the security of our environment has been, and remains, a top priority for us as we work through the recovery process. In fact, the methodical pace of our restoration is in part a reflection of our efforts to recover safely and thoughtfully, with guidance from industry experts. We expect additional systems to come online shortly. But consistent with our approach, we will not bring them up until we are confident in their security.
We know how disruptive this incident has been for our customers and partners and we remain committed to fully resolving it. We will continue to partner with our cyber intelligence experts to further investigate, and we will provide additional relevant information as it becomes available.
- Sept 5, 2022: B&T update:
Update as of 9/05/2022: As Baker & Taylor has previously announced, we detected a ransomware incident that is affecting several B&T services. Our IT staff and others are working incredibly hard to restore our systems to allow us to continue serving our customers, and we are pleased to report that we are making good progress on these efforts. Our phone systems are operational, and our value-added services are being brought back online in our service centers.
As we continue our recovery efforts, we understand that you may be concerned about whether it is safe for you to interact with Baker & Taylor electronically. We want to assure you that confirming the security of our environment has been, and remains, a top priority for us as we work through the recovery process. In fact, the methodical pace of our restoration is in part a reflection of our efforts to recover safely and thoughtfully, with guidance from industry experts. We expect additional systems to come online shortly. But consistent with our approach, we will not bring them up until we are confident in their security.
We know how disruptive this incident has been for our customers and partners and we remain committed to fully resolving it. We will continue to partner with our cyber intelligence experts to further investigate, and we will provide additional relevant information as it becomes available.
- Sept 6, 2022: Title Source 360 continues to be unavailable
- Sept 6, 2022: B&T update:
Update as of 9/06/2022: We know it has been a frustrating period for our customers as we worked to restore several systems and services after a ransomware incident. We are pleased to announce that many disrupted applications are back online today. And tomorrow, Wednesday, September 7, Title Source 360 will be fully functional and accessible.
Bringing our systems back online safely and securely has been a top priority. Our internal technical teams with the support of external cyber-security experts have brought our servers and applications back online after thoroughly assessing and confirming their security. At this time, we do not believe there is any active malicious software in our environment, including any that would put our customers at risk.
Below are some specific points to guide you as we return to normal operations:
- We will provide a new Title Source 360 IP address for your IT Support Team to allowlist this afternoon.
- Taking this action will ensure access to MARC records and to export select reports.
- Title Source 360 order history and in-progress carts are intact and will be available in users' accounts.
- Orders placed before our outage will flow as normal – additional action by customers is not required.
- EDI transactions are restored, and no user updates are necessary.
- We are engaging with customers through normal channels, including email and our FTP site.
Our support teams are ready to assist customers as needed. You can contact Customer Service at:
- customer.service@baker-taylor.com / 800-775-1200 or Technical Support at tech.support@baker-taylor.com
- http://support.site.baker-taylor.com/800-775-3700.
This was a difficult time for the entire Baker & Taylor team knowing we could not serve our customers. We were bolstered by your many notes and calls of support. And we are ready to work as hard as we can to fulfill orders and meet your expectations. We are committed to supporting our customers as we come back online.
- Sept 7, 2022: Title Source 360 and EDI fully functional.
Follow-up Information
Baker & Taylor did not respond to requests for additional information on the technical and procedural details of the ransomware incident. This lack of response is not unexpected given that most businesses consider such information as internally proprietary.
September 21, 2022 Update: Some problems persist
Some ongoing disruptions to services have been reported by Baker & Taylor customers. One library manager commented:
Although the report states that EDI was fully functional, OneClick was not. After following up with B&T technical support, we were informed that we had to ask our ILS vendor to open new ports. In addition, their Online Customer Support Portal is still not functional, so we can't get back order reports or print invoices if needed. We still have not received our invoices from when their system was down -- three weeks' worth of invoices. This means our ILS funds cannot be updated. Luckily it's not the end of the fiscal year. Finally, we are still not getting all our First Look carts, and we have not been able to do selector cart reassignments. It's still a work in progress. (Tuesday, September 20, 2022)
Baker & Taylor company background
Baker & Taylor provides a variety of services to libraries and publishers. Its products include Title Source 360, an ecommerce environment used by libraries to procure materials and its Axis 360 platform for library ebook lending. Other services include CollectionHQ for collection analytics as well as other library workflow solutions. The company recently launched BTCat, a bibliographic service for public libraries.
The company traces its history to 1828 and has seen many changes in its business over its two centuries of operation.
Baker & Taylor is owned by an investment group led by its CEO Aman Kochar. In November 2021, the business was divested by Follett Corporation which acquired it in April 2016.
The Dec 2021 issue of Smart Libraries Newsletter included coverage of this transition in ownership.
Baker & Taylor, a major distributor of print and ebooks to libraries has changed ownership. The company has separated from Follett Corporation and has been acquired by a group of private investors led by President and Chief Executive Officer Amandeep Kochar. The composition of the investment group has not been publicly disclosed.
Baker & Taylor was acquired by Follett Corporation in April 2016. At that time, the company was estimated to bring in about $1 billion in annual revenue. (Press releases in 2016 stated that Follett was a $2.6 billion company and by 2017, following the acquisition, the stated figure was $3.6 billion.3) Under Follett Corporation, Baker & Taylor made some significant changes in its business strategies, shifting its business to focus as a supplier of books to libraries. In May 2019 the company discontinued its position as a wholesale distributor of books to retail bookstores to concentrate on its role as a supplier of books to public libraries. In October 2020, Baker & Taylor announced its reentry as a distributor of books and ebooks to academic libraries.