The Internet Archive is under attack, with a breach revealing info for 31 million accounts

The Internet Archive is under attack, with a breach revealing info for 31 million accounts

October 10, 2024·İbrahim Korucuoğlu
İbrahim Korucuoğlu

The recent data breach affecting the Internet Archive has raised significant concerns about cybersecurity and the protection of user data. This incident, which exposed the personal information of approximately 31 million accounts, highlights vulnerabilities in digital platforms that serve critical roles in preserving internet history and access to information. In this blog post, we will delve into the details of the breach, its implications for users, and the broader context of cybersecurity in nonprofit organizations.

Overview of the Incident

On October 9, 2024, the Internet Archive, a nonprofit organization renowned for its vast digital library and the Wayback Machine, suffered a significant cyberattack. The breach was confirmed by Brewster Kahle, the founder of the Internet Archive, who reported that a JavaScript alert appeared on the site indicating that user data had been compromised. The alert stated:

"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"[1][2].

This alarming message pointed users to “Have I Been Pwned” (HIBP), a service that allows individuals to check if their personal information has been involved in any data breaches.

Details of the Breach

The compromised data includes usernames, email addresses, bcrypt-hashed passwords, and timestamps for password changes[3][4]. The database containing this information is approximately 6.4GB in size and was shared with HIBP shortly after the breach occurred[2][4]. Notably, it was revealed that around 54% of the compromised accounts had already been part of previous breaches, indicating a troubling trend in user data security[1][5].

Troy Hunt, the creator of HIBP, confirmed that he had communicated with users whose data was included in the leaked database. This validation process involved cross-referencing their details with those stored in his service[2][4]. The breach’s authenticity was further corroborated when cybersecurity researcher Scott Helme confirmed that his account details matched those in the leaked records[2].

Attack Mechanism

The attack appears to have exploited vulnerabilities within a JavaScript library used by the Internet Archive. This allowed hackers to deface the website and display the pop-up message to users[4][5]. Additionally, a Distributed Denial-of-Service (DDoS) attack was reported concurrently with the breach, which temporarily incapacitated access to archive.org[3][6]. The group claiming responsibility for these attacks is known as SN_BlackMeta, which has been linked to pro-Palestinian hacktivist initiatives[4][6].

Implications for Users

The ramifications of this breach are profound for both individual users and the Internet Archive as an organization. Users whose data has been compromised are at increased risk for identity theft and phishing attacks. Even though bcrypt-hashed passwords are generally secure against brute-force attacks, users are still advised to change their passwords immediately and enable two-factor authentication where possible[3][4].

For many users who rely on the Internet Archive for access to historical web content and digital resources, this incident raises questions about trust and reliability. The Internet Archive has long been viewed as a bastion of free information; however, this breach may deter users from utilizing its services in the future.

Broader Context: Cybersecurity Challenges for Nonprofits

This incident underscores a critical issue facing nonprofit organizations: cybersecurity preparedness. Many nonprofits operate with limited resources and may not prioritize cybersecurity as highly as larger corporations. This can leave them vulnerable to attacks that exploit their weaker defenses.

Importance of Cybersecurity Measures

To mitigate risks associated with cyberattacks, nonprofits should consider implementing robust cybersecurity measures such as:

Last updated on