The Internet Archive, a digital treasure trove holding countless snapshots of the internet’s history, has become the target of a significant cyberattack. This incident, which has sent shockwaves through the online community, involves both a data breach and a series of Distributed Denial of Service (DDoS) attacks.
The breach, which allegedly occurred on September 28th, 2024, saw hacking group SN_Blackmeta steal an alarming 31 million emails, passwords, and usernames. The attack came to light when a pop-up message, delivered through a JavaScript library, appeared for users, mocking the site’s security and directing them to Have I Been Pwned (HIBP), a website that helps users check if their data has been compromised.
Troy Hunt, the creator of HIBP, confirmed the breach, stating that the hackers shared the Internet Archive’s authentication database, a massive 6.4GB SQL file named “ia_users.sql,” containing Bcrypt-hashed passwords, password change timestamps, and internal data. The stolen data is expected to be added to HIBP, allowing users to assess if their accounts were affected.
Adding to the ongoing crisis, the Internet Archive has also faced a series of DDoS attacks. These attacks, which aim to overload the site with malicious traffic, effectively shut down archive.org on October 8th and again on October 10th. The hackers have reportedly confirmed that these attacks are not isolated incidents, signaling further disruptions.
The Internet Archive, through its founder Brewster Kahle, has acknowledged both the data breach and DDoS attacks but has not officially linked the two events. While the site remains down, the situation is evolving, and the full extent of the damage is yet to be determined.
This attack has raised concerns about the vulnerability of online archives, which play a crucial role in preserving digital history. The incident serves as a stark reminder of the ever-present threat of cyberattacks and the need for robust security measures to protect sensitive data.
