The Internet Archive Hit by Massive Cyberattack: 31 Million Accounts Compromised
The Internet Archive, a well-known non-profit organization behind the digital library and the popular Wayback Machine, is reeling from a major cyberattack that has exposed the data of millions of users. This breach has not only impacted its internal security but has also raised concerns about the future reliability of the organization’s resources.
The Attack Unfolds
On October 9, 2024, visitors to the Internet Archive’s website were shocked to see a disturbing pop-up message:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
This unsettling message revealed that 31 million accounts were compromised, exposing sensitive data including email addresses, usernames, and bcrypt-encrypted passwords. The data breach occurred in September 2024, but it was only brought to light when prominent cybersecurity expert Troy Hunt, founder of the breach notification service Have I Been Pwned (HIBP), confirmed receiving the stolen data on September 30. Hunt promptly notified the Internet Archive on October 6.
DDoS Attacks and Hacktivist Involvement
The breach coincided with a Distributed Denial of Service (DDoS) attack, which temporarily knocked the Wayback Machine offline. A hacktivist group called SN_BlackMeta claimed responsibility for the DDoS attacks, boasting on social media platform X (formerly Twitter) about their involvement. However, the group’s role in the data theft remains unclear.
In a public statement, the group hinted at further attacks, blaming the Internet Archive for its ties to the U.S. and accusing it of supporting Israel.
Internet Archive Responds
Brewster Kahle, founder of the Internet Archive, took to social media to provide an update:
“What we know: DDoS attack — fended off for now; defacement of our website via JS library; breach of usernames, emails, and salted-encrypted passwords. We’ve disabled the JS library, scrubbed our systems, and are upgrading security measures.”
The organization has promised to investigate the breach thoroughly and restore services as soon as possible. However, the Wayback Machine and other tools were still offline as of the last update.
Impact on Users and Security Recommendations
The exposure of 31 million user accounts is one of the most significant breaches in the organization’s history. Although the passwords were encrypted using bcrypt, which is considered a secure hashing method, cybersecurity experts urge users to change their passwords immediately—especially if they use the same passwords across multiple platforms.
Troy Hunt revealed that 54% of the email addresses from the Internet Archive’s breach were already present in the HIBP database from prior data leaks. This indicates that many users may have reused their passwords on other sites, increasing the risk of further compromise.
In addition to changing passwords, experts advise users to remain cautious about emails or messages that could exploit the stolen data through phishing attempts.
Legal and Operational Challenges
The Internet Archive is not just grappling with cybersecurity issues; it is also embroiled in legal battles. Recently, the organization lost a copyright lawsuit filed by several book publishers. If a pending case brought by music labels also results in a loss, the Archive could face damages exceeding $621 million.
Founder Brewster Kahle expressed concern about the combined pressure of legal troubles and cyberattacks but assured users that the Archive remains committed to recovering from this crisis.
Consequences for Google’s New Search Integration
The timing of the attack could also disrupt Google’s new feature, which was announced last month. Google had recently integrated Wayback Machine links into its search results, allowing users to access archived versions of web pages directly from search. With the Wayback Machine currently offline, the usefulness of this new feature may be impacted until the Internet Archive can fully restore its services.
Why This Matters
The Internet Archive plays a vital role in preserving digital content and providing free access to knowledge. Established in 1996, it houses millions of archived books, videos, audio files, and web snapshots. Researchers, journalists, and academics worldwide rely on the Archive’s resources to study and document the past.
The attack not only jeopardizes the privacy of millions of users but also highlights the vulnerability of even the most altruistic organizations. Some cybersecurity analysts speculate that the attackers may have been looking for specific information or intended to disrupt the integrity of historical records maintained by the Archive.
