Internet Archive data theft

Updated on 09/10/2024

09/10/2024

Internet Archive users found a message on October 3rd when they logged on to the service, warning that 31 million of them had been hacked and that they will appear on the Have I Been Pwned Portal (HIBP), a website where users can check if their credentials for various websites have been breached.

Troy Hunt, creator of HIBP, confirmed receiving a 6.4GB SQL file with 31 million records from the Internet Archive, containing email addresses, names and password information, among other data, with the date of the last user being September 28th, considered to be the date of the data theft. Several days after it was made public, Brewster Kahle, creator of the Internet Archive, confirmed the security breach in a tweet.

Disabling the JS library, debugging systems and increasing security were the actions taken by Internet Archive to prevent another incident from happening again. However, as of October 10th, Internet Archive was without service, due to a new DDoS attack against the platform, and, according to Brester Kahle, it was decided to stop the service in order to protect the information.

References

09/10/2024

theverge.com

The Internet Archive is under attack, with a breach revealing info for 31 million accounts
09/10/2024

bleepingcomputer.com

Internet Archive hacked, data breach impacts 31 million users
09/10/2024

wired.com

Internet Archive Breach Exposes 31 Million Users
09/10/2024

techcrunch.com

The Internet Archive slammed by DDoS attack and data breach
10/10/2024

engadget.com

The Internet Archive taken down by DDoS attacks
10/10/2024

x.com

Mensaje de Brewster Kahle

Etiquetas