The Internet Archive, a non-profit digital library beloved for its Wayback Machine, has been battling a relentless wave of DDoS attacks since May 2024. While these attacks, often attributed to a Russian-based hacking group called SN_BLACKMETA, have caused service disruptions, a far more concerning development has recently come to light.
On September 28th, a major security breach resulted in the theft of data belonging to 31 million Internet Archive users. This information, including email addresses, screen names, and encrypted passwords, was dumped online and subsequently shared with the breach notification platform, Have I Been Pwned (HIBP).
The hackers defaced the Internet Archive website with a taunting pop-up message, bragging about the breach and directing users to HIBP to check if their data was compromised. This defacement, achieved by manipulating the website’s JavaScript, suggests a deeper infiltration than initially suspected, with the attackers lurking undetected for at least ten days.
Here’s the popup content:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
While the DDoS attacks seem aimed at disrupting access to the archive, the motive behind the data breach remains shrouded in mystery. No ransom demands have been made, leaving cybersecurity experts to speculate about the attackers’ ultimate goal. Some theorize that the attackers may be attempting to erase specific content from the archive, while others suggest it could be a politically motivated attack or simply an act of malicious mischief.
What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.
What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.
Will share more as we know it.
— Brewster Kahle (@brewster_kahle) October 10, 2024
Internet Archive founder Brewster Kahle has confirmed the breach and assured users that the website is undergoing security upgrades and system scrubbing. He also emphasized that the archive does not store sensitive user data, and the encrypted nature of the passwords minimizes the risk of direct account compromise. However, users are urged to remain vigilant against potential phishing scams that may exploit the stolen information.