Internet Archive breach: 31 million users' data exposed
Uncover the story behind popular site Internet Archive’s recent cyberattack that exposed 31 million user records!
The Internet Archive, a cherished digital library offering access to millions of free books, movies, music, and websites, has recently emerged from a significant cyberattack. A pop-up message of the hack revealed this mega breach exposed the personal data of 31 million users!
This shocking incident not only took the platform offline for several days but also raised serious concerns about data security in our increasingly digital world. While the non-profit organisation's website is currently back online, it may undergo periodic suspensions for maintenance. Here's everything you need to know about it!
Internet archive hit by DDoS attack
On 9th October 2024, the popular site Internet Archive fell victim to a Distributed Denial-of-Service (DDoS) attack that overwhelmed its servers, leading to an extended outage. The consequence of this cyberattack was not small. The major breach was executed through their JavaScript (JS) library exposing sensitive user data, including email addresses, usernames and passwords.
The founder of Internet Archive Brewster Kahle acknowledged this security breach on the X platform. In his post, he stated that the firm had done DDoS scrubbing, disabled the JS library and upgraded its security.
The impact of this mega breach
The exposure of 31 million user records is a critical breach that has sent ripples through the Internet Archive community. Many users rely on this platform for educational resources, research, and personal enjoyment.
The potential misuse of exposed data raises significant alarm bells, as it can lead to phishing attempts and various forms of online exploitation. In the era of AI, hackers can generate believable emails and messages with malicious links.
Following this security breach, around 31 million account users are at risk as fraudsters can use their data for nefarious purposes. A message on the hacked site revealed that the stolen data can be confirmed on Have I Been Pwned? (HIBP). HIBP is a well-known site that helps people check if their details were leaked in a breach.
This incident starkly illustrates the urgent need for robust cybersecurity measures, especially for organisations that handle vast amounts of sensitive data.
Internet archive comes back online
After the recent attack, the Internet Archive has taken swift action to boost its security measures and has now brought its services back online. However, they are currently in read-only mode.
Meanwhile, the Wayback Machine is still accessible, offering a staggering 916 billion web pages for users to explore, except for the most recent ones. The organisation is also actively addressing vulnerabilities in its system to prevent future attacks.
It's worth noting that this attack coincided with Google's decision to include archive website links in the Wayback Machine, providing users with access to previous versions of websites and archived pages.
The bottom line
The Internet Archive is a unique platform that provides access to archived web pages and content. Unfortunately, the platform recently experienced a DDoS cyberattack and outage, leading to the leakage of 31 million user records. Moving forward, the Internet Archive must focus on enhancing user trust and data protection to maintain its status as a valuable resource for preserving knowledge and culture in today's digital age.