A recent cyber attack has resulted in a significant data breach at the Internet Archive, impacting 31 million users. The breach was made public after a JavaScript alert appeared on the website, confirming the compromise of the site’s authentication database. The stolen database includes sensitive user information such as email addresses, bcrypt-hashed passwords, and other internal data. The timestamp of the most recent records suggests that the breach occurred in late September 2024.
Confirmation of the breach was provided by cybersecurity researcher Troy Hunt, who indicated that the compromised data has already been shared with the Have I Been Pwned (HIBP) service. Hunt also stated that the 6.4GB SQL file containing the stolen data was shared with him nine days prior to the public disclosure. The Internet Archive has yet to respond to the breach, despite Hunt’s disclosure efforts three days before the data was loaded into HIBP.
Additionally, the Internet Archive experienced a Distributed Denial of Service (DDoS) attack, claimed by the hacktivist group BlackMeta, who announced further planned attacks. The extent of the damage caused by this breach and whether any additional data was compromised remain unclear.