Internet Archive hack affects 31 million users

Share post:

The Internet Archive, best known for its “Wayback Machine,” has suffered a major data breach, compromising the user authentication database of 31 million registered users. News of the breach surfaced when visitors to archive.org encountered a JavaScript alert stating that the Internet Archive had been breached.

The message read: “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!” The reference to HIBP refers to the “Have I Been Pwned” data breach notification service, which later confirmed the inclusion of the Internet Archive’s compromised data.

According to HIBP’s founder, Troy Hunt, the hacker provided the Internet Archive’s authentication database to him, which included user email addresses, screen names, bcrypt-hashed passwords, and other internal data. The most recent timestamp on the stolen records suggests the breach occurred on September 28, 2024. Hunt attempted to notify the Internet Archive three days before adding the data to HIBP but did not receive a response.

Further complicating the situation, the Internet Archive also suffered a DDoS attack, claimed by the BlackMeta hacktivist group. Internet Archive founder Brewster Kahle confirmed the attack, stating that the site had faced a defacement involving the use of a JavaScript library and that steps were being taken to secure their systems.

In an additional twist, a pro-Palestinian hacktivist group has also claimed responsibility for both compromising the login information of users and launching a sustained DDoS attack on the Internet Archive, further heightening concerns about the security and stability of one of the world’s largest digital archives. Brewster Kahle’s posts on X (formerly Twitter) reflected his frustration, stating, “DDOS on a Tuesday? Last time it was a Monday.” The attacks have since taken the Archive offline intermittently, with ongoing efforts to restore access.

Troy Hunt shared a timeline of the breach, noting that he received the compromised data on September 30 but was initially unaware of its significance. After realizing the scope of the data on October 5, Hunt contacted the Internet Archive, advising them of the planned addition of the data to the HIBP database within 72 hours, but received no response.

Users of the Internet Archive are advised to change their passwords immediately. Those who have accounts are encouraged to check whether their email addresses were involved in the breach via the “Have I Been Pwned” service.

Sources include: BleepingComputer, TechCrunch, Vice, and posts on X (formerly Twitter) by Brewster Kahle and Troy Hunt.

SUBSCRIBE NOW

Related articles

Microsoft Ends Support for Office 365 Apps on Windows 10: Hashtag Trending for Friday, January 17, 2025

Microsoft announces they won’t support  Office 365 on Windows 10, D-Wave achieves a quantum computing milestone, TikTok prepares...

Hackers Mount High Speed Microsoft 365 Attack: Cyber Security Today – January 17, 2025

Hackers exploit a high-speed Go library to target Microsoft 365 accounts worldwide, North Korea’s Lazarus group lures developers...

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways