Deschutes Public Library closed all branches and took its website offline through Sunday, citing “network security issues,” after security software flagged a possible breach affecting files on a communications server Friday in central Oregon.
All Deschutes Public Library locations in Deschutes County, Oregon, are closed from Friday, Dec. 12, through Sunday, Dec. 14, and there will be no access to the library website during that period.
Library Director Todd Dunkelberg said security software alerted staff Friday morning to suspicious activity involving files stored on older servers used by the communications department, prompting an immediate shutdown of both physical branches and many online services.
Dunkelberg told the Bend Bulletin he believes the incident is limited to the communications department, which stores press releases, photos and video, and said staff are “pretty confident we caught it early.” He added that some files on the older servers were “likely breached by hackers,” but said there is no indication so far that customer records were accessed.
As a precaution, the library “shut down all the traffic in and out of our site,” Dunkelberg said, which affects staff ability to check materials in and out and provide Wi-Fi in library buildings. Book drops are closed at all six locations until branches reopen.
While the main website is offline, customers can still search and reserve materials through the library’s BiblioCommons catalog and access eBooks, digital audiobooks and magazines through the Libby app. The library has also pointed patrons to online services such as Creativebug, LinkedIn Learning and Mango Languages, which remain reachable directly through short links.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
In a social media post, Dunkelberg said he hopes to restore “regular hours” beginning Monday, Dec. 15, and praised web and IT staff for “working diligently to bring our network back up to speed,” while apologizing for the unexpected shutdown. Earlier local reporting suggested some smaller branches could reopen on slightly different schedules. Officials have not said whether law enforcement or state cyber response teams are involved.
The library has hired an unnamed outside firm to investigate the breach and harden its systems, but has not disclosed what types of files may have been accessed or whether any data was copied or leaked. For now, officials are describing the event publicly as “network security issues,” and have not labeled it as ransomware or confirmed any extortion demand.
The incident comes amid a run of cyber disruptions hitting Oregon institutions. The state Department of Environmental Quality spent weeks rebuilding after an April 2025 cyberattack linked to the Rhysida ransomware group that forced it to shut down its computer network and vehicle emissions testing. Central Point School District 6 recently disclosed that unauthorized access to its systems exposed student and staff information, while a November 2025 cyberattack forced Portland’s Living Room Theaters and its Indianapolis sister cinema to close for about a week as they rebuilt ticketing and web systems with help from the FBI and CISA.
Public libraries have also become frequent targets. Pierce County Library System in Washington said hackers accessed its network in April 2025, stole data and triggered a multiweek outage, prompting notices to hundreds of thousands of patrons and staff. Fort Bend County Libraries in Texas is still rebuilding services after a February 2025 cyberattack that knocked out its catalog and many online resources, and Wyoming’s Laramie County Library System credits recent backups with helping it restore operations quickly after a January 2025 Akira ransomware attack. Delaware’s statewide Division of Libraries is continuing to rebuild systems after a September 2024 RansomHub ransomware attack that cut internet access at dozens of public library computer labs and came with a reported $1 million ransom demand.
Deschutes Public Library is the countywide public library system with six branches in Bend, Redmond, La Pine, Sisters and Sunriver, serving more than 165,000 residents in central Oregon.
Library customers who rely on in-person services, Wi-Fi or physical circulation will see the most disruption through the weekend, while those comfortable with the catalog site, Libby app and other online resources retain partial access to collections. Officials say they will share more information once the third-party investigation determines what, if any, data exposure occurred and whether state or federal notification rules will be triggered.
