Data breach and DDOS attacks bring down Wayback Machine
Sunday, October 13, 2024
Correction — October 14, 2024
The article referred to the SQL file as 'gigantic', which is subjective and is not supported by evidence, and the word has been removed. The file size was indicated correctly.
On Wednesday, the Internet Archive suffered a data breach of 31 million user passwords and screen names, as well as a wave of distributed denial-of-service (DDOS) attacks, rendering the Wayback Machine inaccessible. It was unknown whether the two events were related, though current evidence suggested that the two were perpetrated by the same attacker or group of attackers.
Shortly before the shutdown, users visiting the Internet Archive were greeted by a JavaScript pop-up message that read: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!" Here, "HIBP" is an abbreviation for "Have I Been Pwned," a site that allows users to look up their email addresses to check whether their credentials have been stolen or compromised.
As of Saturday, the Internet Archive and its associated Wayback Machine remained inaccessible to the public as Internet Archive staff continued their efforts to upgrade the security of the servers to prevent future security incidents. The Archive has been focused on providing its users with "universal access to all knowledge" since its inception in 1996.
The Wayback Machine is the Internet Archive's most popular tool, allowing users to "look back" in time to see websites and webpages as they appeared at different points in time. Access to this digital library was expected to return within the next several days, though no specific timeframe was available.
A hacker group that goes by the username SN_Blackmeta on X (formerly known as Twitter), and that appeared to operate from Russia, has claimed responsibility for the attack. As with most DDOS attacks, this attack was believed to be politically motivated: the attackers have accused the United States government of supporting Israel and have cited this as their motivation for the cyberattack.
The breach presumably occurred on September 28, as that is the latest date on a 6.4-gigabyte SQL file containing the stolen user data. HIBP founder Troy Hunt received the file on September 30 but was unable to review it until October 5. Hunt notified the Internet Archive staff on October 6. The Internet Archive has responded accordingly and has fended off the recent DDOS attacks.