By Ashwani Mishra, Editor-Technology, 63SATS
Zoos are places of wonder, where people flock to observe exotic animals in carefully designed habitats.
Visitors admire wildlife from a safe distance, comforted by the barriers separating them from the creatures within.
However, just as these enclosures protect animals from external threats, the digital world requires its own safeguards to protect sensitive information.
Unfortunately, at the Toronto Zoo, those digital fences were breached.
In a cyberattack, hackers infiltrated the zoo’s systems, stealing two decades’ worth of visitor data, leaving personal information exposed like an open cage in a predator-filled jungle.
The Digital Safari: A Stolen Trail of Visitor Information
Much like visitors leave footprints on the trails of a zoo, they also leave digital traces when purchasing tickets, becoming members, or making donations.
These digital tracks—names, addresses, phone numbers, and email addresses—were stored in the zoo’s database, unknowingly waiting to be preyed upon.
According to a recent statement from the Toronto Zoo, hackers accessed and copied transaction data for every visitor between the year 2000 and April 2023. In some cases, the stolen data even included the last four digits of credit cards and expiration dates for transactions made between January 2022 and April 2023.
To make matters worse, the stolen data was leaked on the dark web—a hidden corner of the internet where cybercriminals buy and sell stolen information. While the leaked data is currently difficult to access, the zoo warned that this could change at any time, leaving millions of visitors at risk.
Beyond Visitor Data: A Blow to Wildlife Conservation
The impact of the cyberattack went far beyond ticket sales and visitor records. In addition to personal information, the hackers also wiped out decades of critical wildlife conservation research.
Zoos are not just places of entertainment—they are vital hubs for global conservation efforts. Research collected over the years helps in breeding programs, species preservation, and habitat restoration. Losing such valuable information is like releasing endangered animals into an unfamiliar wilderness, with no way to track or protect them.
The cyberattack was claimed by the Akira ransomware group, which boasted about stealing 133 gigabytes of confidential data, including personal files, donor records, and internal agreements.
The Ripple Effect: Staff, Volunteers, and Donors at Risk
While the stolen visitor information made headlines, the zoo also confirmed that current and former employees, volunteers, and donors dating back to 1989 likely had their information compromised as well.
In response, the organization offered credit monitoring services to affected individuals, warning them to stay vigilant against phishing attempts and fraudulent activity. The Toronto Zoo also reported the breach to the Office of the Information and Privacy Commissioner of Ontario, which has since launched an investigation.
