The Internet Archive, home of the Wayback Machine, has suffered a massive data breach after a threat actor compromised the website and stole the data of 31 million users.
After the compromise, the attackers displayed an unauthorized JavaScript popup on the website announcing that the site had suffered a major data breach.
It reads, “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
The organization then officially confirmed the incident in a tweet by its founder.
The HIBP in this warning refers to the “Have I Been Pwned” data breach notification service created by Troy Hunt. He also confirmed the data breach. He said that the breach occurred in September and that the stolen data contains 31 million unique email addresses along with usernames, bcrypt password hashes, and other system data.
Hunt also says that the threat actor shared the Internet Archive’s authentication database nine days ago. It was a 6.4GB SQL file named “ia_users.sql.” He says that this data will be added to HIBP, allowing users to enter their email address and check whether their data was exposed in this breach.
Bleeping Computer was the first to report this data breach.
In addition to this data breach, the Internet Archive has been fighting a wave of DDoS attacks on its server that have intermittently brought down its services.
Its founder, Brewster Kahle, provided an update on X on Wednesday evening. He wrote, “What we know: DDOS attack—fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.”
It is not yet known how the threat actors breached the Internet Archive or whether any other data was stolen from the service.