The Internet Archive's Wayback Machine has been breached by a threat actor who stole a user authentication database containing 31 million unique records from the website. A JavaScript alert created by the hacker on the compromised website reads, “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!,” referring to Have I Been Pwned, the popular breach notification service created by Troy Hunt.
The stolen 6.4GB SQL database was shared with Hunt 9 days before the alert appeared on the website on the 9th of October 2024. The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data. The most recent timestamp in the database is the 28th of September, which is likely when the data was stolen.
The breach seems to have resulted from a vulnerable JavaScript library, which the organisation has since disabled. No other stolen data has surfaced yet.
Shortly after this ordeal, the website suffered a 5-hour DDoS attack claimed by the BlackMeta hacktivist group, who declared their intention to launch additional attacks.