The Internet Archive’s Wayback Machine suffered a significant data breach! Hackers apparently stole a huge database containing information from 31 million users.
Internet Archive The Wayback Machine hacked
Some visitors noticed a pop-up on archive.org saying the site had been compromised and mentioning a website called “Have I Been Pwned” (HIBP). HIBP is a popular service that lets you know if your data leaked in a breach, so that reference wasn’t exactly comforting.
According to security expert Troy Hunt, who runs HIBP, the hacker stole the entire user database from the Internet Archive nine days before anyone noticed. This leak included email addresses, usernames, passwords, and more. It seems to have happened on September 28th.
While it’s not entirely clear how the hackers did this, the Internet Archive did experience a denial-of-service attack (DDoS) earlier that day. A group called BlackMeta claimed responsibility for the DDoS attack, but there’s no proof they were linked to the data breach itself.
Brewster Kahle, the founder of the Internet Archive, finally confirmed the breach in a message on X. He said they’re aware of the stolen user data, the website defacement, and the DDoS attack. The Archive has stopped the damage by removing the harmful code, cleaning its systems, and improving its security. The data has not been corrupted.
Internet Archive is an essential resource for keeping history of the web alive. If you have an account there, you should check Have I Been Pwned soon to see if your information was exposed.
Let’s hope the Archive can get things under control quickly!
