A massive data breach has hit the Internet Archive, compromising the usernames, email addresses, and passwords of approximately 31 million users. The incident, disclosed on October 10, 2024, has raised significant concerns about the security of this key online institution known for its expansive digital library and preservation of internet content.
The breach was initially uncovered after cybersecurity researcher Troy Hunt was notified about a potential vulnerability in the archive’s system. Following his investigation, he confirmed that the compromised data included bcrypt-hashed passwords. Bcrypt is a salted, deliberately slow password-hashing algorithm designed to resist offline cracking; it is hashing, not encryption. Despite this protection, the leak exposes users to further risks if they reuse passwords across multiple platforms.
Further complicating the situation, the breach occurred amidst a broader cyber onslaught against the Internet Archive, with a distributed denial-of-service (DDoS) attack launched by the hacktivist group BlackMeta. The DDoS attack briefly took down the main websites, including archive.org and openlibrary.org, leaving them offline for several hours.
Internet Archive founder Brewster Kahle addressed the public on X (formerly Twitter), acknowledging the breach and detailing the immediate steps taken to mitigate the damage. The organization has since disabled the vulnerable JavaScript library used to deface their website and is working to upgrade its security systems.
The combination of the DDoS attack and the data breach has prompted a flurry of speculation regarding the motivations behind the incidents. While BlackMeta has claimed responsibility for the DDoS attack, it remains unclear whether the same group is responsible for the data breach. The hacktivist group, which has previously targeted major organizations, is believed to be politically motivated, though no clear link between the two events has been established.
As investigations continue, users affected by the breach are strongly advised to change their passwords immediately and ensure that they are not using the same credentials across different platforms. The Internet Archive has yet to confirm how the attackers initially gained access to its systems, though third-party security experts have suggested the possibility of vulnerabilities within outdated code libraries or unpatched systems.
The impact of this breach is substantial not only because of the number of users affected but also because of the nature of the Internet Archive's user base, which spans a wide array of researchers, historians, and digital preservationists who rely on the platform for its valuable resources. Moreover, the timing of the breach is significant, as it follows the platform's involvement in a lawsuit concerning copyright issues, leading some observers to speculate whether the attacks are part of a broader campaign against the organization.
Despite these setbacks, the Internet Archive remains operational, and Kahle has emphasized the organization's commitment to maintaining the integrity of its mission. The Archive has played a crucial role in preserving historical digital content, making it a vital resource for users worldwide.