The Internet Archive, known for its expansive collection of digital content and historical web snapshots, suffered a significant data breach impacting a whopping 31 million users.
The Internet Archive is a nonprofit organization that provides free access to a vast digital library of websites, software, music, books, and videos. Founded in 1996, it is best known for its Wayback Machine, which stores snapshots of web pages over time, offering a glimpse of the evolution of the internet.
The breach reportedly occurred after a threat actor gained access to the Internet Archive’s website, potentially exposing the personal information of millions of users. This reportedly includes usernames, email addresses, hashed passwords, and possibly additional data.
"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!," read a JavaScript alert posted by the hacker on the compromised archive.org site.
There is no indication, as of yet, that financial information or highly sensitive personal details were affected.
The Internet Archive has a massive user base, making it an attractive target for cybercriminals. The large number of accounts suggests that attackers had ample opportunities to exploit any security lapses.
According to security researcher Troy Hunt, who spoke with BleepingComputer about the breach, the most recent timestamp on the stolen records is Sept. 28, 2024, which could pinpoint the date the database was stolen by the threat actor. Hunt also verified the legitimacy of the data by contacting users listed in the leaked SQL file named "ia_users.sql".
The stolen data could still have serious consequences for users, especially if they reuse passwords across multiple sites. Depending on the hashing algorithm used, the hashed passwords could potentially be cracked, giving attackers access to user accounts.
Here are some possible outcomes for affected users:
Upon learning of the breach, the Internet Archive took steps to contain the incident.
Brewster Kahle, group chair and digital librarian at the Internet Archive, posted a statement on X regarding the incident:
“What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.”
If you’re an Internet Archive user, there are several steps you should take to protect your data:
Pro tip: Use identity protection tools
Bitdefender Digital Identity Protection gives you the tools and insights needed to protect your identity and keep your online accounts secure. It monitors the dark web, provides real-time alerts, and offers actionable steps to mitigate the risks. Use Bitdefender’s Digital Identity Protection for:
- Instant alerts: You can immediately react to data breaches and privacy threats and take swift action to prevent damage, such as changing passwords, via one-click action items.
- Real-time monitoring: The service continuously scans the internet and dark web for your personal information. You will receive alerts whenever your data is involved in a breach or leak.
- Peace of mind: This service immediately flags suspicious activity and actively monitors personal information for peace of mind.
- A 360° view of all your personal data: See your digital footprint, including traces from services you no longer use but that still have your data, and even send requests for data removal from service providers.
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.