Major Cyberattack Hits Internet Archive, Exposes User Data

• The Internet Archive suffered a major cyberattack, exposing millions of users’ data.
• The attack was claimed by a group known as “SN_BLACKMETA,” a pro-Palestinian “hacktivist” group.
• The Internet Archive is a crucial resource for fact-checkers, researchers, and scholars, making the attack particularly significant.
• The incident underscores the need for robust security measures to protect user data and the importance of continuous vigilance against cybersecurity breaches.

The Internet Archive, a San Francisco-based online repository of web pages, was taken offline due to a major cyberattack. The attack, confirmed by the founder of the Internet Archive, Brewster Kahle, exposed the data of millions of users and defaced the site. This incident underscores the growing threat of cybersecurity breaches, particularly in the lead-up to the U.S. presidential election on November 5. The attack was claimed by a group known as SN_BLACKMETA, described by experts as a pro-Palestinian hacktivist group. The group’s motivations, as stated in their claim of responsibility, were rooted in their opposition to the U.S. government’s support of Israel.

Cyberattack Details and Aftermath

The Internet Archive has been subjected to a series of distributed denial-of-service (DDoS) attacks since Tuesday, aimed at disrupting the website or server. Kahle acknowledged these attacks and stated that the organization was working to upgrade its security. The attack led to the defacement of the website and a breach of usernames, emails, and passwords. In a subsequent post, Kahle assured users that the Internet Archive’s data has not been corrupted. He also stated that they were working to restore services as quickly and safely as possible. However, the attackers returned, knocking down both the Internet Archive’s main site and its Open Library, an open-source catalogue of digitized books.

On Wednesday, users reported a pop-up message claiming the site had been hacked and the data of 31 million accounts breached. The message, apparently posted by the hackers, read, Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP! HIBP refers to the site Have I Been Pwned, which allows users to check whether their emails and passwords have been leaked in data breaches.

The Internet Archive and Its Significance

The Internet Archive, founded in 1996, advocates for a free and open internet. It operates a web archive called the Wayback Machine, which has captured snapshots of millions of internet pages. This tool is a crucial resource for fact-checkers, who use it to trace deleted web pages and ensure that the evidence cited in articles is permanently available to readers. It also helps researchers and scholars find historical collections that exist in digital formats.

The Internet Archive’s significance extends beyond its role as a repository. It is a comprehensive digital history of the globe, with billions of archived web pages at risk due to the targeted hack. The site’s ability to show users things like what the White House website looked like in 1995 or other important historical records makes it an internet time machine, according to Professor George Buchanan, the deputy dean of RMIT’s School of Computing Technologies.

The scale of the data breach remains unclear, as Kahle did not respond to a request for comment about it. However, HIBP confirmed that 31 million records from the Internet Archive had been stolen, including email addresses, screen names, and passwords.

In conclusion, the cyberattack on the Internet Archive is a stark reminder of the perils of cybersecurity breaches. It highlights the need for continuous vigilance and robust security measures to protect user data. As the investigation into the attack continues, it is hoped that the Internet Archive can restore its services and continue its mission of providing a free and open internet. This incident serves as a wake-up call for all online platforms to prioritize cybersecurity and protect their users’ data.