The Internet Archive is reeling after its Wayback Machine was hit by a massive cyber attack, exposing 31 million users.
The vast data breach occurred after the hackers exploited the website, obtaining a user authentication database containing an array of user details and credentials.
An illicit JavaScript pop-up appeared on the Internet Archive on Wednesday, with the hackers boasting that a major incident had taken place.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!,” read the alert.
HIBP refers to the Have I Been Pwned data breach notification portal created by Troy Hunt, with whom threat actors often share information. The details of stolen data are then added to the service.
Later on Wednesday, the Internet Archive acknowledged the incident.
The Internet Archive was founded in 1996 and provides a digital library, with free access to collections of digitized materials including websites and software applications. The Wayback Machine has billions of archived web pages, with the organization eager to ensure that the digital record remains accessible for future generations.
Last month, Google confirmed it would add links to archived websites through the Wayback Machine.
UPDATE ⬇️ https://t.co/Sl9oQsKaSO
— Internet Archive (@internetarchive) October 10, 2024
Hunt claims more than half of the impacted accounts were breached previously
Hunt took to X to discuss the huge data breach, providing further details.
Let me share more on the chronology of this:
30 Sep: Someone sends me the breach, but I'm travelling and didn't realise the significance
5 Oct: I get a chance to look at it – whoa!
6 Oct: I get in contact with someone at IA and send the data, advising it's our goal to load…
— Troy Hunt (@troyhunt) October 9, 2024
He revealed the attack was carried out in September, and the database consisted of more than 31 million unique email addresses.
HIBP also stated 54 percent of the compromised accounts were already listed in its database from previous breaches.
The Internet Archive has had to contend with a series of distributed denial-of-service (DDoS) attacks, which have occasionally disrupted its operations, in addition to the breach attempts.
On Wednesday evening, Internet Archive founder Brewster Kahle posted on X to provide a public update on the situation.
He wrote, “What we know: DDOS attack—fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.”
“Scrubbing systems” refers to services that offer protection from DDoS attacks by filtering malicious junk traffic so it can’t overrun and disrupt a website.
At the time of writing, the Internet Archive has not responded to requests for a comment from several media outlets.