The Internet Archive, a beloved non-profit digital library known for preserving vast amounts of online content, has recently been rocked by a significant data breach. This breach followed a large Distributed Denial of Service (DDoS) attack, compromising the personal information of millions of users and disrupting access to crucial services like the Wayback Machine.
Massive User Data Compromised
Estimates suggest that around 31 million user records were exposed in this incident. The compromised data includes sensitive information such as email addresses, usernames, and password hashes, raising serious concerns about the security of users’ personal details. This breach marks one of the most substantial security incidents in the Internet Archive’s history, emphasizing the escalating risks faced by digital repositories.
In addition to compromising user data, the attackers also defaced the Internet Archive’s website, further complicating the organization’s recovery efforts. Given the Archive’s role in providing access to countless digital resources—from books and videos to software and historical websites—the breach has alarmed users who depend on these invaluable tools for research and information.
Deceptive Emails Create Confusion
In the aftermath of the breach, many users received suspicious emails that appeared to be from “The Internet Archive Team.” However, these messages were actually sent by hackers who gained unauthorized access to the Internet Archive’s Zendesk email support system.
The attackers’ email expressed frustration over the organization’s slow response to the breach, stating, “It’s dispiriting to see that even after being made aware of the breach two weeks ago, the Internet Archive has still not done the due diligence of rotating many of the API keys that were exposed in their Gitlab secrets.” This message also revealed that hackers had access to over 800,000 support tickets dating back to 2018, which could include sensitive user communications.
Alarm Over Data Exposure
The hackers ominously noted that user data was now “in the hands of some random guy,” highlighting the precarious situation for anyone who had interacted with the Archive. Their emails included a mocking tone, urging the organization to “get their sh*t together,” which only intensified fears about the extent of the breach and the potential misuse of personal information.
Ongoing Restoration Efforts
In response to this crisis, the Internet Archive has mobilized teams to restore its services. According to a blog post from the organization, efforts are ongoing around the clock to bring back key functions. While some services, like the Wayback Machine, Archive-It, and National Library crawls, have resumed operation, many other features remain offline, with full restoration anticipated to take more time.
The Internet Archive acknowledged the necessity for “heightened attention to cybersecurity” following the breach, emphasizing the need for improved protective measures. Despite these reassurances, the lingering access that the attackers have to parts of the Archive’s systems continues to be a source of concern for both users and cybersecurity experts.
Founder’s Reflections on the Attack
Brewster Kahle, the founder of the Internet Archive, shared his thoughts on the situation in a recent blog post. He expressed cautious optimism about the progress being made but recognized the lengthy path to full recovery. In an interview with The Washington Post, he conveyed confusion over why the Archive was targeted, asking, “Why kick the cat?” This sentiment reflects a broader uncertainty regarding the motivations behind the attack on a non-profit organization dedicated to preserving digital knowledge for the public good.
