Internet Archive hacked, data breach impacts 31 million users

Internet Archive hacked, data breach impacts 31 million users

October 9, 2024 at 06:26PM

The Internet Archive’s “Wayback Machine” experienced a data breach, exposing a user authentication database with 31 million records. The breach was confirmed after hacker alerts appeared on the site. The stolen data includes email addresses and hashed passwords. A DDoS attack was also reported, claimed by the BlackMeta group.

### Meeting Takeaways: Internet Archive Data Breach

1. **Breach Overview**:
– The Internet Archive’s “The Wayback Machine” experienced a security breach, leading to the theft of a user authentication database containing 31 million unique records.

2. **Initial Detection**:
– Users began noticing a JavaScript alert on archive.org, created by the hacker, indicating that the site had been compromised.

3. **Data Compromise Details**:
– The compromised database is a 6.4GB SQL file named “ia_users.sql.”
– It includes sensitive information such as:
– Email addresses
– Screen names
– Password change timestamps
– Bcrypt-hashed passwords
– Other internal user data

4. **Connection to HIBP**:
– The breach data is expected to be added to the “Have I Been Pwned” (HIBP) service, allowing affected users to check for data exposure.

5. **Verification of Data**:
– Troy Hunt, creator of HIBP, confirmed the authenticity of the stolen data by reaching out to individuals listed in the database.
– A cybersecurity researcher, Scott Helme, confirmed that his data matched the records in the breach.

6. **Response and Procedures**:
– Hunt initiated a disclosure process with the Internet Archive and expected the data to be integrated into HIBP within 48 hours but has not received a response from the Internet Archive.

7. **Ongoing Security Threats**:
– Concurrently, the Internet Archive is experiencing DDoS attacks claimed by the BlackMeta hacktivist group, indicating continued security risks.

8. **Current Status**:
– The method of the breach and whether additional data was compromised remains undetermined.
– The Internet Archive has not provided comments on the situation following inquiries from BleepingComputer.

These takeaways highlight the severity of the breach and the implications for internet users associated with the Internet Archive. Further updates are anticipated as more information becomes available.

Full Article