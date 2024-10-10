The Internet Archive, a global digital library, has suffered a significant security breach and a DDoS attack, compromising data of 31 million accounts.

What Happened: Visitors to The Internet Archive encountered a pop-up message indicating a hack. The site’s founder, Brewster Kahle, later confirmed the breach, which involved a defacement of the website via a JavaScript library.

The pop-up message stated, “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP, or Have I Been Pwned? – is a platform where users can verify if their data has been exposed to cyber-attacks.

What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.



What we've done: Disabled the JS library, scrubbing systems, upgrading security.



Will share more as we know it. — Brewster Kahle (@brewster_kahle) October 10, 2024

Troy Hunt, the operator of HIBP, confirmed receiving a file containing data for 31 million unique email addresses nine days before the breach. The data included email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.

This was a very uncomfortable breach to process for reasons that should be obvious from @josephfcox's article. Let me add some more "colour" based on what I found: https://t.co/cLka2K6wgv — Troy Hunt (@troyhunt) October 8, 2024

After the breach, the site was hit by a DDoS attack, confirmed by Jason Scott, an archivist and software curator of the Internet Archive. The site was temporarily offline, displaying a placeholder message directing visitors to the site’s account on X for updates.

An account on X named SN_Blackmeta claimed responsibility for the attack and hinted at another possible attack the next day. The Internet Archive has been a target of similar attacks in the past.

Why It Matters: The Internet Archive, home to 835 billion web pages, has been grappling with a problem known as “link rot,” the phenomenon of disappearing web pages. A study by the Pew Research Center revealed that 38% of web pages that existed in 2013 have disappeared, and 8% of those from 2023 are now missing.

Despite the challenges, the Internet Archive has received support from influential figures like Tesla Inc. CEO Elon Musk, who has emphasized its significance as a "public good that should exist." This recent attack underscores the importance of robust security measures to protect such vital digital resources.

