The Internet Archive, a non-profit that hosts a digital library, was recently hit with a double dose of cyberattacks from hackers, with one exposing the data of tens of millions of the site’s users. The organization’s services have also been temporarily suspended due to the attacks. The incidents are just the latest in a year of bad luck for the Internet Archive.
A ‘catastrophic security breach’
The Internet Archive’s “Wayback Machine” suffered a massive data breach after a hacker compromised the website to steal its user authentication database, which contained the data of 31 million users. News of the breach began circulating online after users were greeted with a cryptic JavaScript alert left by the hacker.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?” the attacker said in the pop-up message. “It just happened. See 31 million of you on HIBP!” The last line referred to the data breach notification website Have I Been Pwned, created by Troy Hunt, with whom “threat actors commonly share stolen data to be added to the service,” said Bleeping Computer. Hunt confirmed that the breach is legitimate in an X post. He told Bleeping Computer that he received the stolen data in September. The trove of stolen data included 31 million email unique email addresses, usernames, and other internal data.
The Internet Archive’s founder, Brewster Kahle, also confirmed the breach and said the website had been defaced with the pop-up through a JavaScript library. The site was also hit with a series of distributed denial-of-service (DDoS) attacks that have taken archive.org and openlibrary.org offline. As of Tuesday, both sites remained offline. Internet Archive is being “cautious and prioritizing keeping data safe at the expense of service availability,” Kahle said in an update on X.
A tough year for the Internet Archive
Even though the hacking and the DDoS attacks coincided, they appear to be unrelated. It isn’t entirely clear who was behind the attacks, but the BlackMeta hacktivist group claimed responsibility on X for the DDoS attacks and said it plans to carry out more against the Internet Archive. The group claimed to target the archive because it “belongs to the USA,” whose “horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of ‘Israel.'” Its involvement has not been confirmed.
The cyber attacks were just the latest in several uphill battles the Internet Archive has faced in recent months. The non-profit recently lost an appeal in a lawsuit over ebook copyrights brought against it by a group of book publishers. Last year, music publishers Sony Music and Concord filed a similar suit against Internet Archive for $621 million in damages for copyright infringement.
If you have an Internet Archive account, your “username and email could well have been captured by the site’s attackers,” said PC Gamer. The good news is that the “version of your password they’ve gotten hold of is encrypted.” Regardless, you should “absolutely change your Archive password as soon as you can — and change it anywhere else you use that password, too.”