Major Data Breach at Internet Archive Exposes 31 Million User Records

The Internet Archive has experienced a significant data breach after a hacker compromised the platform and stole an authentication database containing the personal information of over 31 million registered users. The breach has raised serious concerns about the security of this widely used digital archive.

The data breach came to light when visitors to the Internet Archive website began receiving JavaScript alerts. These alerts, generated by the hacker, bluntly informed users about the security breach. The message read, โ€œHave you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!โ€ This message suggests that the stolen data will soon be available on the โ€œHave I Been Pwnedโ€ (HIBP) data breach notification service, created by cybersecurity expert Troy Hunt.

Major Data Breach at Internet Archive Exposes 31 Million User Records

The stolen database reportedly contains 31 million unique records, including user email addresses, screen names, password change timestamps, and Bcrypt-hashed passwords. The database is a 6.4GB SQL file โ€œia_users.sql,โ€ according to Hunt, whom the hacker contacted nine days before the breach became public. This file also contains various internal data points used by the Internet Archive.

Troy Hunt has confirmed the authenticity of the data by contacting users listed in the stolen database, including cybersecurity researcher Scott Helme. Helme validated the breach by confirming that the Bcrypt-hashed password in the exposed database matched the one in his password manager. Additionally, the timestamps in the database aligned with the last time he changed his password. This validation adds credibility to the claim that the breach is genuine and widespread.

The stolen records contain the most recent timestamp from September 28, 2024, suggesting that someone stole the database around this date. With 31 million unique email addresses included, many affected users are now awaiting the confirmation of their data exposure on the HIBP service, where they will be able to check if their details have been compromised.

Hunt contacted the Internet Archive three days before the breach became public, aiming to notify the organization and give them time to respond. However, as of now, the Internet Archive has not responded to Huntโ€™s disclosure or commented on the breach publicly. This lack of communication raises further concerns about the organizationโ€™s handling of security issues and its preparedness to deal with cyber threats.

See Also: Spotify Hacks: Unlock the Best Sound with These Advanced Audio Settings

In addition to the data breach, the Internet Archive suffered a Distributed Denial-of-Service (DDoS) attack earlier today. The BlackMeta hacktivist group has taken responsibility for the disruption and warned of further attacks on the site.

The Internet Archive is a vital resource for preserving digital content, and this breach highlights the importance of robust cybersecurity measures for platforms that handle sensitive user data. With over 31 million users potentially affected, this incident serves as a reminder of the growing risks associated with cyber threats and data breaches in an increasingly digital world.

For now, users should change their passwords and monitor their email accounts for any suspicious activity, especially those who suspect the breach has affected them.

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!

Onsa Mustafa

Onsa is a Software Engineer and a tech blogger who focuses on providing the latest information regarding the innovations happening in the IT world. She likes reading, photography, travelling and exploring nature.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
>