Toronto Zoo says it remains open after ransomware attack


The Toronto Zoo said Monday evening that it was responding to a ransomware attack detected on January 5.

The organization said its staff immediately began an investigation into the incident once it was discovered. The zoo welcomes more than 1.2 million visitors each year and has one of the most diverse collections of animals of any facility in the world, with more than 5,000.

“We are investigating the impact, if any, to our guests, Members and donor records. We can confirm we do not currently store any credit card information. Once we have more information we will share it broadly,” zoo officials said.

“Currently, our animal wellbeing, care and support systems have not been impacted by this incident and we are continuing with normal Zoo operations including being open to guests. The Zoo website is not impacted, and ticket purchases can continue to be made online at

The Toronto Police Services have been contacted and Toronto’s Chief Information Security Office is working on the attack alongside cybersecurity experts.

Zoo officials noted that responses to inquiries will be delayed due to the attack. While they would not say what services were affected, they added that they are “grateful we took steps over the past few years to upgrade our technology infrastructure.”

No ransomware gang has taken credit for the attack, but in July, one of the U.S.’s most popular zoos, ZooTampa, was targeted by prolific cybercriminals known for attacking government institutions.

Toronto has dealt with multiple high-profile ransomware incidents over the last year. The city’s public library continues to address with the fallout from a ransomware attack that required months of recovery efforts.

Toronto’s Hospital for Sick Children, Canada’s largest pediatric health center, faced its own ransomware incident almost exactly one year ago, and the city’s government was affected by a ransomware gang’s exploitation of a popular file transfer service.

A 2021 ransomware attack disrupted the activities of the Toronto public transportation agency and took down several systems used by drivers and commuters alike.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Pro-Ukraine hackers claim breach of Russian internet provider

Next Post

Online services down for German craft associations following ‘security incident’

Related Posts

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market. The findings come from Elliptic in collaboration with researchers from the&
Read More