HomeWinBuzzer NewsInternet Archive Struggles with Data Breach and Ongoing DDoS Attacks Affecting 31...

Internet Archive Struggles with Data Breach and Ongoing DDoS Attacks Affecting 31 Million Accounts

The Internet Archive suffered a data breach exposing 31 million users' email addresses, usernames, and encrypted passwords.

-

The Internet Archive, known for preserving vast amounts of web content, revealed a major security incident this week involving the data of 31 million user accounts. The breach came to light after a message appeared on the site’s homepage, notifying visitors of the attack with a blunt warning: “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of a catastrophic security breach? It just happened. See 31 million of you on HIBP!

Sensitive User Data Compromised

Hackers obtained sensitive information, including email addresses, usernames, and encrypted passwords. The stolen data, amounting to 6.4GB, was verified by Troy Hunt, a well-known security researcher behind the Have I Been Pwned (HIBP) website. Hunt, who received the data on September 30, confirmed its authenticity and alerted the Internet Archive on October 6. The breach was officially acknowledged by the organization a day later.

Hunt’s analysis revealed that over half of the affected accounts had already been compromised in past breaches, highlighting ongoing challenges with online security. The compromised information also included details about password changes, indicating that hackers had gained access to more than just basic user credentials.

DDoS Attacks Amplify the Chaos

As the organization worked to handle the breach, a wave of distributed denial-of-service (DDoS) attacks added to the chaos. The Internet Archive’s founder, Brewster Kahle, confirmed that multiple DDoS attempts had hit the site around the same time as the breach.

An entity called BlackMeta took credit for these attacks, which disrupted access to the archive’s resources. BlackMeta, known for targeting the site in May, announced plans for further attacks, exacerbating the crisis.

The DDoS campaign included exploiting a vulnerability in a JavaScript library used by the archive. This allowed the attackers to deface the site, leading the organization to disable the compromised library and begin a thorough cleanup of its systems.

Legal Troubles Mount for the Nonprofit

The timing of the breach couldn’t be worse for the Internet Archive, as it’s already facing serious legal issues. Recently, a court ruled against the nonprofit in a case brought by publishers over digital lending practices, raising concerns about the archive’s financial stability. Additionally, a lawsuit from music labels could result in over $600 million in damages, putting the future of the organization at risk.

With these lawsuits hanging over its head, the breach adds another layer of complications for an entity that plays a key role in preserving internet history. The nonprofit’s dual challenges—legal and technical—threaten to disrupt its mission and impact millions of users who rely on its services.

Hunt Calls for Understanding Amid Security Failures

Troy Hunt noted that while he had urged the Internet Archive to disclose the breach sooner, he acknowledged the difficulties they faced given the onslaught of DDoS attacks. Hunt proceeded to load the compromised data into HIBP, enabling affected users to verify if their accounts were exposed. He emphasized that the organization’s nonprofit nature and its role in web preservation should be considered when evaluating its response to the breach.

Users of the Internet Archive are advised to change their passwords and keep an eye on account activity for any unusual behavior. Meanwhile, the organization continues its efforts to stabilize the situation and prevent further attacks, navigating a turbulent period of both technical and legal turmoil.

Last Updated on November 7, 2024 2:36 pm CET

Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x