An Internet Archive data breach has been confirmed by the organisation, which has also been suffering Distributed Denial-of-Service (DDoS) attacks. The home of the Wayback Machine was previously attacked back in May.
At this point, it’s being suggested that the security breach and DDoS attacks are unrelated, though the timing certainly seems odd …
Internet Archive data breach
The security breach was first reported by Bleeping Computer.
Internet Archive’s “The Wayback Machine” has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records […]
The threat actor shared the Internet Archive’s authentication database nine days ago and it is a 6.4GB SQL file named “ia_users.sql.” The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.
The attacker’s identity is unknown, but they created a JavaScript alert on the site to announce the attack.
HIBP is a reference to Have I Been Pwned, the site created by security researcher Troy Hunt to allow people to find out whether their details have been leaked in security breaches. Hunt himself confirmed that the leaked data was valid.
The Internet Archive today acknowledged the breach.
What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.
What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.
DDoS attack
The Archive also referenced a DDoS attack which took the site offline for a time.
A group known as SN_Blackmeta claimed responsibility for the attack, with a confusing antisemitic message that the archive “belongs to the USA” as if it were a government project.
The Internet archive has and is suffering from a devastating attack We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down […]
They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of “Israel”.
The tweet was community noted by X users:
The Internet Archive is a non-profit whose purpose is to archive information which can be used by anyone in the world. There are also many resources on the archive about Palestine which we can’t now access because of this attack.
Internet Archive also suffering legal woes
The Archive has also been facing legal problems, last month losing a lawsuit accusing it of copyright infringement, as Wired reported at the time.
The US Court of Appeals for the Second Circuit ruled against the long-running digital archive, upholding an earlier ruling in Hachette v. Internet Archive that found that one of the Internet Archive’s book digitization projects violated copyright law.
Notably, the appeals court’s ruling rejects the Internet Archive’s argument that its lending practices were shielded by the fair use doctrine, which permits for copyright infringement in certain circumstances, calling it “unpersuasive.”
In March 2020, the Internet Archive, a San Francisco-based nonprofit, launched a program called the National Emergency Library, or NEL. Library closures caused by the pandemic had left students, researchers, and readers unable to access millions of books, and the Internet Archive has said it was responding to calls from regular people and other librarians to help those at home get access to the books they needed.
Essentially the organization replicated what was being done legally by The Open Library, but removed the limit ensuring a digital copy of a book could only be borrowed by one person at a time. It subsequently reinstated the limit, but by then had already been sued.
It is also facing a second lawsuit from a group of music labels seeking $400M damages for copyright infringement, which could bankrupt the organization.
Photo by Shahadat Rahman on Unsplash
FTC: We use income earning auto affiliate links. More.