iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The non-profit digital library responsible for the popular Wayback Machine web archive has been under a distributed denial-of-service (DDoS) attack for days – but things look to have gotten worse.
The Internet Archive, a popular online repository of digital and internet material, has reported it has suffered a “catastrophic security breach”.
The site’s founder, Brewster Kahle, had been reporting via posts on X that the site had been under heavy DDoS attacks for days, but the attack appears to have reached a new level in recent hours.
Visitors to the site overnight were greeted by an alarming pop-up warning of a dire data breach.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?” the pop-up said.
“It just happened. See 31 million of you on HIBP!”
The pop-up – reported by multiple media outlets and observers – is no longer appearing, however. Instead, the Archive is now saying it is “temporarily offline” and directing people to the website’s account on X to stay up to date on the situation.
HIBP refers to the data breach tracking site Have I Been Pwned, run by Australian security researcher Troy Hunt, who has confirmed the breach.
“In September 2024, the digital library of internet sites, Internet Archive, suffered a data breach that exposed 31 million records,” Hunt said in an update on HIBP, suggesting the breach itself occurred far earlier.
“The breach exposed user records, including email addresses, screen names and bcrypt password hashes.”
The exact figure of exposed accounts is 31,081,179.
Who’s responsible?
Russia-based hacking group SN_BLACKMETA has claimed responsibility for the ongoing DDoS attacks on its own posts on X.
“The Internet Archive has and is suffering from a devastating attack,” the group said today (10 October).
“We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down.”
While the group has not specifically claimed to be responsible for the data breach, it did reshare a Dark Web Informer post reporting of the compromise.
This is not the first time SN_BLACKMETA – based in Novgorodskaya Oblast, according to its X account – has targeted the Internet Archive. In late May, the group took the Archive offline, posting to X saying: “We decided to take down all your online services and resources that include millions of PDF files, Footage, Saved Website History, and on top of that completely disabling your any users from accessing your files.”
Posting to Mastodon, Internet Archive archivist Jason Scott said there appeared to be no motivation behind the attacks.
“Someone is DDOSing the internet archive, so we’ve been down for hours. According to their twitter [now X], they’re doing it just to do it. Just because they can. No statement, no idea, no demands,” Scott said, before referring to the Archive’s ongoing work to preserve information.
“Meanwhile, we literally rescued 400,000 dissertations from being pulped,” Scott added.
“I like our side.”
UPDATED 10/10/24 to add Troy Hunt’s commentary
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
