Skip to main content

The Internet Archive has been hit by a significant data breach, compromising an authentication database containing the personal information of over 31 million registered users. The breach has raised serious concerns regarding the security of the widely used digital archive platform.

Details of the Breach

The breach was uncovered when visitors to the Internet Archive’s website began receiving unexpected JavaScript alerts, which bluntly notified users of the security breach. The message read, “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!” This message suggests that the stolen data will likely be uploaded to the “Have I Been Pwned” (HIBP) service, created by cybersecurity expert Troy Hunt, for affected users to check if their details have been compromised.

The breach reportedly involved the theft of a 6.4GB SQL file titled “ia_users.sql,” which includes 31 million user records. These records contain email addresses, screen names, password change timestamps, and Bcrypt-hashed passwords. This stolen data also includes internal data points related to the Internet Archive.

Confirmation of the Breach

Troy Hunt, the creator of HIBP, was contacted by the hacker nine days before the breach became public. Hunt verified the authenticity of the breach by contacting users listed in the stolen database, including cybersecurity researcher Scott Helme. Helme confirmed that the Bcrypt-hashed password in the database matched the one in his password manager, and the timestamps aligned with his last password change. This validation adds further credibility to the breach’s authenticity.

The breach appears to have occurred around September 28, 2024, based on the most recent timestamp found in the stolen records. With 31 million unique email addresses in the compromised data, many users are now waiting for confirmation through HIBP if their data has been exposed.

Lack of Response and Ongoing Attacks

Despite receiving an early warning from Troy Hunt, who reached out three days before the breach became public, the Internet Archive has yet to comment on the incident or take public action. This lack of response raises concerns about the organization’s ability to address security vulnerabilities and handle cyber threats.

Additionally, the Internet Archive faced a Distributed Denial-of-Service (DDoS) attack earlier today, with the BlackMeta hacktivist group claiming responsibility. The group has warned of further attacks, adding to the ongoing concerns surrounding the platform’s security.

READ MORE:

How to Use Face ID to Lock Apps and Enhance Privacy on iOS 18

Impact and User Recommendations

The Internet Archive is a crucial resource for preserving digital content, and this breach serves as a stark reminder of the growing risks of cyber threats. With 31 million users potentially affected, those whose data may have been exposed should act quickly to change their passwords and monitor their email accounts for any suspicious activity.