In a shocking turn of events, the Internet Archive, the digital library that’s been preserving the Internet’s history for decades, has fallen victim to a devastating cyberattack. This breach has not only compromised the data of a staggering 31 million users but has also brought down the iconic Wayback Machine, leaving a gaping hole in our ability to access the web’s past.

What Happened?

On October 9, 2024, users visiting the Internet Archive (archive.org) were greeted with an ominous pop-up message:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

This wasn’t just another glitch or temporary outage. It was a full-blown security nightmare, confirmed by none other than Troy Hunt, the mastermind behind Have I Been Pwned (HIBP), a website that’s become the go-to resource for checking if your data has been compromised in breaches.

Hunt received a treasure trove of stolen data nine days before the public announcement. This digital loot included email addresses, screen names, password change timestamps, and bcrypt-hashed passwords. In a twist that adds insult to injury, 54% of these accounts were already in HIBP’s database from previous breaches.

What Was Exposed in This Internet Archive Breach?

The breach revealed sensitive user information, including email addresses, usernames, and encrypted (bcrypt-hashed) passwords. While bcrypt encryption provides a level of security, it is not foolproof, and users are strongly advised to change their passwords as a precaution.

The hackers also exposed password change timestamps and other internal data, adding to concerns about how the stolen information could be used.

Wayback Machine Goes Dark

The Wayback Machine, that magical portal allowing us to travel through Internet time, also went dark. This outage is particularly painful given Google’s recent integration of Wayback Machine links into its search results – a feature announced just last month to enhance access to historical web content. 

The Attackers

Enter SN_BlackMeta, the shadowy hacker group that has claimed responsibility for the attack. With a penchant for theatrics, they announced on X (formerly Twitter) that they had orchestrated “several highly successful attacks” against the organization. However, their motives remain shrouded in mystery. Are they simply seeking notoriety, or is there a more sinister agenda at play?

Adding to the suspense, SN_BlackMeta has hinted at another attack looming on the horizon. This digital chess match is far from over, and the Internet Archive remains caught in the crossfire.

Response from the Internet Archive

Brewster Kahle, the founder and digital librarian of the Internet Archive, took to X to address the crisis:

“What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.”

What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.

What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.

Will share more as we know it. — Brewster Kahle (@brewster_kahle) October 10, 2024

It’s a battle on multiple fronts – DDoS attacks, website defacement, and the theft of user data. The Internet Archive team is in full crisis mode, working tirelessly to patch the holes and fortify their digital fortress.

The Broader Implications

This attack on the Internet Archive is more than just another data breach – it’s an assault on our collective digital memory. Founded in 1996 with the lofty goal of providing “universal access to all knowledge,” the Archive has become an invaluable resource for researchers, journalists, and curious internet users alike.

The potential motivations behind the attack are as varied as they are concerning. Are the hackers searching for specific information hidden in the archives? Or worse, are they attempting to alter historical records? It’s a chilling reminder of the vulnerabilities in our digital infrastructure, even for organizations dedicated to preserving it.

What This Means for Users

If you’re one of the 31 million users whose data has been compromised, it’s time to take action:

1. Change your Internet Archive password immediately (once the site is back up).
2. If you’ve used that password on other sites, change those too. (And seriously, stop reusing passwords!)
3. Keep an eye out for phishing attempts or suspicious activity on your accounts.
4. Consider using a password manager to generate and store unique passwords for each site.

This attack highlights the need for strong digital security, especially for organizations handling large volumes of user data. While the Archive recovers, users should remain cautious and watch for further developments.

42Works: Committed to Privacy and Cybersecurity

At 42Works, we prioritize cybersecurity and take every step to safeguard our clients’ data. Our approach includes regular system audits, advanced encryption, and continuous monitoring of threats. We believe in protecting both personal and business data with robust security measures.

As cyberattacks grow more sophisticated, 42Works remains committed to building secure digital environments. Trust us to keep your data safe — because at 42Works, security is always a top priority.