The Internet Archive, home to the popular Wayback Machine, has fallen victim to a significant cyberattack, exposing the data of 31 million users. This breach, coupled with ongoing distributed denial-of-service (DDoS) attacks, has left the non-profit organization scrambling to maintain its services and mitigate the damage.
The Breach
Security researcher Troy Hunt, founder of Have I Been Pwned (HIBP), confirmed the legitimacy of the breach, which occurred in September. The stolen data includes:
- 31 million unique email addresses
- Usernames
- Bcrypt password hashes
- Other system data
The breach was first brought to public attention when hackers defaced the Internet Archive's website with a JavaScript pop-up on Wednesday, October 8, 2024, announcing the incident.
DDoS Attacks and Website Defacement
In addition to the data breach, the Internet Archive has been grappling with:
- Waves of DDoS attacks causing intermittent service outages
- Website defacement via a compromised JavaScript library
Internet Archive founder Brewster Kahle acknowledged these issues in a public statement on the social network X (formerly Twitter), saying, "What we know: DDOS attack—fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords."
Response and Ongoing Challenges
The Internet Archive team has taken several steps to address the situation:
- Disabling the compromised JavaScript library
- Scrubbing systems to remove malicious elements
- Upgrading security measures
However, the organization faces ongoing challenges:
- Continued DDoS attacks, with the hacktivist group BlackMeta claiming responsibility
- Legal battles, including a recent loss in a copyright lawsuit brought by book publishers
- A potential $621 million lawsuit from music labels
What Users Should Do
While the stolen passwords were hashed using bcrypt, a strong password-hashing algorithm, users are advised to:
- Change their Internet Archive passwords immediately
- Use unique passwords for all online accounts
- Enable two-factor authentication where possible
As this situation continues to develop, the Internet Archive's ability to preserve digital history hangs in the balance. The incident serves as a stark reminder of the vulnerability of even the most established online institutions to cyber threats.