Category: IT|Oct 10, 2024 | Author: Admin

The Internet archive is down - and your user information may have been stolen

Share on

The Internet Archive (archive.org) was hit by a cyber attack on Wednesday afternoon, when users visiting the website were greeted by a pop-up message claiming that the site had been hacked.

Around 9pm US time on Wednesday, founder Brewster Kahle confirmed that the site had been subjected to an attack, where a JavaScript library was used to alter the website. It is The Verge that has reported the case.

 

The website is not available at the time of writing.

 

31 million users' info has been leaked


The message on the pop-up read:

 

“Have you ever felt that the Internet Archive is on the verge of a major security breach? It happened now. See 31 million of you at HIBP!”

 

HIBP, which stands for "Have I Been Pwned?", is a service where users can check if their information has been leaked in a cyber attack. Troy Hunt, the operator of HIBP, confirmed that he received a file nine days earlier containing information on 31 million users, including email addresses and encrypted passwords. Hunt explained that 54 percent of these were already in HIBP's database from previous leaks.

 

The users notified on the website
In a series of tweets, Hunt laid out the details of the incident, from the initial contact with the Internet Archive on October 6, to today's DDoS attack that occurred while they were loading the data into HIBP to alert users.

 

After the message was closed, the website functioned slowly, and later in the afternoon the website was unavailable.

 

A placeholder message informed visitors that "Internet Archive services are temporarily unavailable," and referred to the site's account on X (formerly Twitter) for updates.

 

Control of the attack


Jason Scott, an archivist at the Internet Archive, confirmed that the site experienced a DDoS attack, where the attack was apparently carried out without specific demands. During the evening, Kahle confirmed that they had gained control of the attack:

 

  • We have deactivated the JavaScript library, are cleaning the systems and upgrading the security. More information will come.

 

An account on X named SN_Blackmeta claimed to be behind the attack, suggesting another attack was planned for the next day.

 

 

Sponsored Ads:

Comments:


VMware makes Workstation and Fusion free for everyone

Category: IT|Nov 12, 2024 | Author: Admin

Microsoft says recent Windows 11 updates break SSH connections

Category: Microsoft|Nov 11, 2024 | Author: Admin

Mislabeled patch sends Windows Server 2022 admins on unwanted upgrade to 2025

Category: Microsoft|Nov 10, 2024 | Author: Admin

Malicious PyPI package with 37,000 downloads steals AWS keys

Category: IT|Nov 9, 2024 | Author: Admin

Canada orders TikTok to shut down over national risk concerns

Category: IT|Nov 8, 2024 | Author: Admin

Windows infected with backdoored Linux VMs in new phishing attacks

Category: Microsoft|Nov 7, 2024 | Author: Admin

After signal loss, Voyager 1 reconnected with Earth using retro transmitter not used since 1981

Category: IT|Nov 6, 2024 | Author: Admin

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

Category: IT|Nov 5, 2024 | Author: Admin

Microsoft delays Windows Recall again, now by December

Category: Microsoft|Nov 4, 2024 | Author: Admin

The new Nothing Phone (2a) Plus Community Edition is here to illuminate your night

Category: IT|Nov 3, 2024 | Author: Admin

DDoS site Dstat.cc seized and two suspects arrested in Germany

Category: IT|Nov 2, 2024 | Author: Admin

Windows 11 is getting more popular, climbs over 35.5% market share

Category: Microsoft|Nov 1, 2024 | Author: Admin

qBittorrent fixes flaw exposing users to MitM attacks for 14 years

Category: IT|Oct 31, 2024 | Author: Admin

Microsoft Entra "security defaults" to make MFA setup mandatory

Category: Microsoft|Oct 30, 2024 | Author: Admin

CyberPanel Urges Users to Upgrade Amid Ongoing Issues

Category: IT|Oct 29, 2024 | Author: Admin
more