Issue Internet Archive Data Breach

Internet Archive Data Breach

The Internet Archive's Wayback Machine has experienced a significant data breach after a cybercriminal compromised its website, leading to the theft of a user authentication database containing 31 million unique records. This breach was brought to light when visitors to archive.org began encountering a JavaScript alert crafted by the hacker, notifying them of the breach.

The alert displayed a message: 'Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!' The abbreviation 'HIBP' stands for the Have I Been Pwned service, which tracks data breaches.

The Wayback Machine: A Digital Time Capsule for the Internet

The Wayback Machine, created by the Internet Archive in 2001, serves as a vital tool for preserving the digital history of the World Wide Web. It allows users to consult archived versions of Web pages dating back to 1996. By crawling and storing snapshots of Web pages at various intervals, the Wayback Machine enables users to revisit the past iterations of websites, providing a unique perspective on the evolution of online content and digital culture.

The Unique Role of the Wayback Machine

  • Web Preservation: The Wayback Machine plays a crucial role in archiving Web content that might otherwise be lost due to website updates, deletions or domain expirations. As websites continuously evolve, many valuable resources, articles, and projects can disappear. The Wayback Machine ensures that these materials are preserved for future access, serving as a digital library of historical Web pages.
  • Research and Education: Researchers, historians, and educators can utilize the Wayback Machine to study the development of information over time, track changes in public opinion, and analyze how events were reported in the past. By accessing archived pages, they can gain insights into historical trends, cultural shifts, and societal changes reflected in the digital realm.
  • Legal and Compliance Needs: The Wayback Machine is frequently referenced in legal cases where archived Web content is necessary as evidence. It can provide important documentation of what was available online at a specific time, assisting in intellectual property disputes, defamation cases and more.

Importance of the Internet

  • Cultural Heritage: The Wayback Machine contributes to the preservation of digital cultural heritage by documenting the evolution of websites, art, literature, and online communities. It safeguards the unique and transient nature of the internet, allowing future generations to understand the past digital landscape and its significance.
  • Transparency and Accountability: By maintaining a public record of the Web, the Wayback Machine promotes transparency and accountability. It allows users to track changes in information, examine shifts in policies or statements made by organizations and hold entities accountable for their online presence.
  • Facilitating Innovation: The archived content serves as a resource for developers and creators seeking inspiration or learning from past designs, functionalities or content strategies. The ability to explore how websites have changed can inform contemporary web design and development practices.

Over 30 Million Compromised Accounts

The compromised database, identified as a 6.4GB SQL file named ia_users.sql, includes authentication details for registered users. This data encompasses email addresses, screen names, timestamps for password changes, Bcrypt-hashed passwords and other internal information. Notably, the latest timestamp for the records indicates they were collected on September 28, 2024, bringing the total number of unique email addresses involved to 31 million.

As of now, the exact method used by the threat actors to breach the Internet Archive remains unclear, along with whether any additional data was taken.

Threat Actors Target the Internet Archive with DDoS Attacks

In a separate but related issue, the Internet Archive has also been the target of a DDoS attack, recently claimed by the BlackMeta hacktivist group, which has indicated plans for further attacks.

The creator of the Internet Archive, Brewster Kahle, provided an update via Twitter/X, confirming the data breach and revealing that the hacker utilized a JavaScript library to present alerts to users. He stated, 'What we know: DDoS attack fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we've done: Disabled the JS library, scrubbing systems, upgrading security.'

A subsequent update mentioned that DDoS attacks have resumed, causing archive.org and openlibrary.org to go offline once again. While the Internet Archive is currently grappling with both a data breach and ongoing DDoS attacks, authorities do not believe the two incidents are connected.

Loading...