The Internet Archive was hit by a major cyberattack on Thursday. The personal data of 31 million users was stolen and the site was left defaced. “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!” read a JavaScript alert.
HIBP refers to a site called “Have I Been Pwned”. This site allows users to check whether their personal information has been leaked in cyberattacks.
Internet Archive Major Cyberattack: What We Know
Internet Archive founder Brewster Kahle confirmed the cyberattack on X.
He wrote, “What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.”
— Brewster Kahle (@brewster_kahle) October 10, 2024
“Sorry, but DDOS folks are back and knocked http://archive.org and http://openlibrary.org offline. @internetarchive is being cautious and prioritizing keeping data safe at the expense of service availability. Will share more as we know it,” read another X post by Kahle.
HIBP operator Troy Hunt confirmed the breach to ‘BleepingComputer’. Hunt admitted that he received a file containing email addresses, screen names, password change timestamps, and other internal data of 31 million users nine days ago.
New breach: Internet Archive had 31M records breached last month including email address, screen name and bcrypt password hash. 54% were already in @haveibeenpwned. Read more: https://t.co/1d9Mxv97Ac
— Have I Been Pwned (@haveibeenpwned) October 9, 2024
In an X post, HIBP claimed that it already had the private data of 54% of these accounts in its database.
An X account called SN_Blackmeta claimed responsibility for this major cyberattack. “We decided to take down all your online services and resources that include millions of PDF files , Footage , Saved Website History and on top of that completely disabling your any users from accessing your files,” read an X post by SN_Blackmeta.
— 𝐒𝐍_𝐁𝐋𝐀𝐂𝐊𝐌𝐄𝐓𝐀 (@Sn_darkmeta) May 28, 2024