The Internet archive is down - and your user information may have been stolen
Share onThe Internet Archive (archive.org) was hit by a cyber attack on Wednesday afternoon, when users visiting the website were greeted by a pop-up message claiming that the site had been hacked.
Around 9pm US time on Wednesday, founder Brewster Kahle confirmed that the site had been subjected to an attack, where a JavaScript library was used to alter the website. It is The Verge that has reported the case.
The website is not available at the time of writing.
31 million users' info has been leaked
The message on the pop-up read:
“Have you ever felt that the Internet Archive is on the verge of a major security breach? It happened now. See 31 million of you at HIBP!”
HIBP, which stands for "Have I Been Pwned?", is a service where users can check if their information has been leaked in a cyber attack. Troy Hunt, the operator of HIBP, confirmed that he received a file nine days earlier containing information on 31 million users, including email addresses and encrypted passwords. Hunt explained that 54 percent of these were already in HIBP's database from previous leaks.
The users notified on the website
In a series of tweets, Hunt laid out the details of the incident, from the initial contact with the Internet Archive on October 6, to today's DDoS attack that occurred while they were loading the data into HIBP to alert users.
After the message was closed, the website functioned slowly, and later in the afternoon the website was unavailable.
A placeholder message informed visitors that "Internet Archive services are temporarily unavailable," and referred to the site's account on X (formerly Twitter) for updates.
Control of the attack
Jason Scott, an archivist at the Internet Archive, confirmed that the site experienced a DDoS attack, where the attack was apparently carried out without specific demands. During the evening, Kahle confirmed that they had gained control of the attack:
- We have deactivated the JavaScript library, are cleaning the systems and upgrading the security. More information will come.
An account on X named SN_Blackmeta claimed to be behind the attack, suggesting another attack was planned for the next day.
Sponsored Ads:
Comments:
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
Category: Microsoft|Apr 24, 2025 | Author: Admin
Microsoft Exchange 2016 and 2019 reach end of support in six months
Category: Microsoft|Apr 23, 2025 | Author: Admin
Google adds Android auto-reboot to block forensic data extractions
Category: Google|Apr 22, 2025 | Author: Admin
Microsoft warns of CPU spikes when typing in classic Outlook
Category: Microsoft|Apr 21, 2025 | Author: Admin
Hertz confirms customer info, drivers' licenses stolen in data breach
Category: General|Apr 20, 2025 | Author: Admin
Cybersecurity firm buying hacker forum accounts to spy on cybercriminals
Category: IT|Apr 19, 2025 | Author: Admin
SSL/TLS certificate lifespans reduced to 47 days by 2029
Category: IT|Apr 18, 2025 | Author: Admin
New ResolverRAT malware targets pharma and healthcare orgs worldwide
Category: IT|Apr 17, 2025 | Author: Admin
Kidney dialysis firm DaVita hit by weekend ransomware attack
Category: General|Apr 16, 2025 | Author: Admin
Microsoft Exchange 2016 and 2019 reach end of support in six months
Category: Microsoft|Apr 15, 2025 | Author: Admin
Meta to resume AI training on content shared by Europeans
Category: IT|Apr 14, 2025 | Author: Admin
Leak confirms OpenAI's GPT 4.1 is coming before GPT 5.0
Category: IT|Apr 13, 2025 | Author: Admin
Tycoon2FA phishing kit targets Microsoft 365 with new tricks
Category: Microsoft|Apr 12, 2025 | Author: Admin
Google's AI video generator Veo 2 is rolling out on AI Studio
Category: Google|Apr 11, 2025 | Author: Admin