“The Wayback Machine” by Archive.org has suffered a data breach that exposed a user authentication database containing 31 million usernames, emails, and passwords. The site was also hit with a DDoS attack, and its appearance was altered through a compromised JS library. Some user data was breached, but the passwords were hashed and salted for added security. SN_BlackMeta claimed responsibility for the attack on the social media platform X and stated that it was politically motivated. However, Archive.org is not affiliated with any government or political party.

Jason Meller, VP of Product at 1Password, reports that the affected site has been severely compromised, with its database exfiltrated and web pages defaced, indicating the attackers have gained control over both the infrastructure and web content. The site has also been repeatedly knocked offline, suggesting dominance at the network level. Meller advised users to avoid visiting the site or using its files until an investigation is complete and the situation is deemed safe.
Although bcrypt is a strong hashing algorithm, users are advised to change their passwords as a precaution, particularly if they use the same password on other sites. Due to ongoing DDoS attacks, the Internet Archive's website is experiencing downtime and services are temporarily offline. The organization is using its social media for updates. This is not the first time the Archive has been targeted, as the same group claimed responsibility for similar attacks in May. Archivist Jason Scott noted that these attacks seem to be motivated by the ability to disrupt rather than any specific cause.
The Internet Archive has been facing multiple challenges recently. Alongside repeated DDoS attacks, it is also dealing with legal battles. The organization recently lost an appeal in the Hachette v. Internet Archive case, where publishers argued its digital lending library violated copyright law. Now it faces another lawsuit from music labels that could result in $621 million in damages.
Troy Hunt of Have I Been Pwned (HIBP) received the stolen data from the Internet Archive on September 30, reviewed it by October 5, and informed the organization on October 6. The Archive confirmed the breach the next day, and Hunt planned to notify HIBP subscribers about the breach.