The Internet Archive is currently under attack from hacker groups. And, it seems these bad actors have been able to access sensitive data for millions of the Internet Archive’s users.
The non-profit Internet Archive, which keeps archived versions of digital media including websites via The Wayback Machine, has been suffering from distributed denial of service (DDoS) attacks since the beginning of the week. These attacks have resulted in prolonged inaccessibility.
“@internetarchive is being cautious and prioritizing keeping data safe at the expense of service availability,” posted Internet Archive digital librarian Brewster Kahle on his X account.
However, the DDoS attacks aren’t the only thing the Internet Archive has to worry about. It appears that the Internet Archive has been unable to keep at least some of its data safe as it undergoes attacks from threat actors.
Emails, screen names, and encrypted passwords for 31 million Internet Archive users have been stolen in a data breach. At this time, it’s unclear if the data breach and the DDoS attacks are related.
Internet Archive hacked
Along with the downtime related to the DDoS attacks, social media users began noticing a pop-up prompt on the Internet Archive’s website on Wednesday.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?” read the prompt. “It just happened. See 31 million of you on HIBP!”
HIBP refers to the website Have I Been Pwned, a website that notifies users if their data was involved in a data breach.
According to Bleeping Computer, Have I Been Pwned founder Troy Hunt confirmed to the outlet that they had received a 6.4GB SQL database file which includes users’ “email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.”
Hunt has been able to confirm the legitimacy of the data. Based on the timestamp on the hacked information, it appears that it was likely stolen on September 28, 2024. Hunt said that he contacted the Internet Archive before loading the data into the Have I Been Pwned service. He has not yet heard back.
A group known as SN-Blackmeta has claimed responsibility for the DDoS attack. Again, its unclear if they are involved in the data breach. The group said that it carried out the DDoS attack because of the United States’ support for Israel and that the Internet Archive “belongs to the USA.” Many social media users were quick to point out that the Internet Archive is an independent non-profit organization and is not affiliated with the U.S. government.
Mashable has reached out to the Internet Archive for more information on the attacks and will update this post when we hear back.
