The Internet Archive has been hit by a cyberattack, compromising the personal data of over 31 million users.
The nonprofit organization, known for its Wayback Machine service, which archives web pages, is grappling with the aftermath of the sophisticated attack.
On October 9, visitors to the Internet Archive’s website were greeted with a pop-up message indicating a security breach.
A hacker group operating under the name SN_BlackMeta has claimed responsibility for the attack, stating on social media platform X (formerly Twitter) that they had launched “several highly successful attacks” against the Archive.
The breach exposed user records, including email addresses, screen names, and bcrypt-hashed passwords.
Troy Hunt, founder of the data breach notification service Have I Been Pwned, confirmed receiving a database containing information on 31 million unique email addresses associated with the Internet Archive.
The Internet Archive’s website and Wayback Machine service remain inaccessible as of this writing.
This outage is concerning given Google’s recent integration of Wayback Machine links into its search results, a feature announced just last month to enhance access to historical web content.
The timing of this attack could potentially disrupt Google’s new feature, which was designed to provide users with easy access to archived versions of web pages directly from search results.
Brewster Kahle, founder and digital librarian of the Internet Archive, acknowledged the breach in a post on X, stating:
“What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.”
Kahle is saying that while they were attacked in several ways, they’re actively working to fix the problems and make their systems safer.
However, user data was compromised, so users should be cautious and change their passwords.
The organization is actively working to restore its services and secure its systems, but the full extent of the damage remains unclear.
The attack on the Internet Archive is troubling, given its role in preserving digital content.
Founded in 1996, the organization aims to provide “universal access to all knowledge” and has become a resource for researchers and journalists.
While the exact motivations behind the attack remain unclear, cybersecurity experts speculate that the attackers may have been searching for specific information or attempting to alter historical records.
This serves as a reminder of the vulnerabilities in digital infrastructure, even for organizations dedicated to preserving it.
This attack compromises user data and temporarily denies access to an invaluable resource for internet users worldwide.
As the Internet Archive continues its recovery efforts, users are advised to change their passwords and remain vigilant for any potential misuse of their personal information.
Featured Image: Piotr Swat/Shutterstock