loader image

Sun, Dec 22 | 2:04 pm

Hackers Claim ‘Catastrophic’ Internet Archive Attack, Exposing Data of 31 Million Users

by | Oct 11, 2024

A hacker group linked to a pro-Palestinian hacktivist movement has claimed responsibility for a major cyberattack on The Internet Archive, compromising the personal details of 31 million users. The breach, which exposed email addresses, screen names, and encrypted passwords, has left security experts advising users to update their credentials immediately.

The attack, claimed by a group using the handle SN_BlackMeta on X (formerly Twitter), has also been linked to a series of Distributed Denial-of-Service (DDoS) attacks that have taken the nonprofit’s website, archive.org, and its popular Wayback Machine offline. Brewster Kahle, founder of The Internet Archive, confirmed the breach and ongoing attacks, stating that the organization is “scrubbing systems and upgrading security.”

In an alarming message displayed on the compromised website, hackers warned, “31 million of you on HIBP!” referencing the popular breach notification service *Have I Been Pwned?* Troy Hunt, founder of HIBP, later confirmed that the exposed data had been shared with him, noting that 54% of the compromised email addresses had already appeared in previous breaches.

The Internet Archive, founded in 1996, is a nonprofit organization known for preserving billions of digital records, including webpages, texts, and videos. Its Wayback Machine is a widely-used tool for viewing archived websites.

Impact of the Breach

Although the passwords were encrypted using bcrypt, a strong hashing algorithm, cybersecurity experts urge users to change their passwords as a precautionary measure. “Avoid using any files from the site until they’ve declared an all-clear,” warned Jason Meller, VP of Product at 1Password. The breach appears to have occurred around late September when attackers exploited a vulnerability in a JavaScript library used by The Internet Archive.

The attack by SN_BlackMeta marks the group’s latest move in a series of politically motivated cyberattacks. In May 2024, the same group launched DDoS attacks against the Internet Archive and Middle Eastern financial institutions, using a new DDoS-for-hire service, InfraShutdown.

Ongoing Disruptions and Future Concerns

The Internet Archive remains largely offline due to repeated DDoS attacks, with the organization directing users to follow updates on social media. Kahle assured users that measures are being taken to improve security and restore services. However, experts warn that it may take time before the site is fully operational again.

As the investigation into the breach continues, users are urged to stay vigilant and monitor their accounts for any suspicious activity.

0 Comments

text

 

 

 

 

 

 

text

 

 

 

 

 

 

Related Posts

Aruba-Venezuela Border to Remain Closed Until April 23, 2025

Aruba-Venezuela Border to Remain Closed Until April 23, 2025

The border between Aruba and Venezuela, which has been closed since 2019, will remain shut for up to four more months, with a potential reopening no later than April 23, 2025. The prolonged closure stems from ongoing political disputes and logistical preparations to...

Former My Chemical Romance Drummer Bob Bryar Dies at 44

Former My Chemical Romance Drummer Bob Bryar Dies at 44

Bob Bryar, former drummer for iconic rock band My Chemical Romance (MCR), has died at the age of 44. He was found in his Tennessee home on November 26, 2024. The cause of death has not been disclosed. Bryar, known for his dynamic drumming, joined MCR in 2004 during...