Internet Archive reels from 'catastrophic' cyberattack, data breach

Internet Archive reels from 'catastrophic' cyberattack, data breach

A massive cyberattack and data breach hits the Internet Archive
A massive cyberattack and data breach hits the Internet Archive. Photo: Stefani REYNOLDS / AFP
Source: AFP

The Internet Archive, an online repository of web pages, was offline Thursday after its founder confirmed a major cyberattack that exposed the data of millions of users and left the site defaced.

The assault on the San Francisco-based nonprofit, claimed by a shadowy group that experts described as a pro-Palestinian "hacktivist," lays bare the perils of cybersecurity breaches ahead of the November 5 US presidential election.

Brewster Kahle, the Internet Archive's founder and digital librarian, acknowledged a series of distributed denial-of-service (DDoS) attacks -- aimed at disrupting a website or server -- since Tuesday and said the organization was working to upgrade security.

The assault led to the "defacement of our website" and a breach of usernames, emails and passwords, Kahle wrote on X, formerly Twitter, late Wednesday.

In a new post early Thursday, Kahle said the attackers had returned, knocking down both the Internet Archive's main site and its "Open Library," an open source catalogue of digitized books.

Read also

Musk finally unveiling his long-promised robotaxi

The Internet Archive's data "has not been corrupted," he wrote in a subsequent post.

"We are working to restore services as quickly and safely as possible," he added.

On Wednesday, users reported a pop-up message claiming the site had been hacked and the data of 31 million accounts breached.

"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?" said the pop-up, apparently posted by the hackers.

"It just happened. See 31 million of you on HIBP!"

HIBP refers to site called "Have I been Pwned," a site that allows users to check whether their emails and passwords have been leaked in data breaches.

In another post on X, HIBP confirmed that 31 million records from the Internet Archive had been stolen, including email addresses, screen names and passwords.

Read also

'Sleeper agent' bots on X fuel US election misinformation, study says

'Rising' threat

Kahle did not respond to a request for comment about the scale of the data breach.

A hacker group called "SN_BLACKMETA" claimed responsibility for the attack on X.

"The Internet Archive has and is suffering from a devastating attack," the group wrote on the platform Wednesday.

"They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of 'Israel.'"

In a threat advisory in July, Radware, a cybersecurity solutions provider, described the group as a "pro-Palestinian hacktivist with potential ties to Sudan" and possibly operating from Russia.

Radware called the group a "rising cyber threat" with a "strong ideological stance and a strategic approach to cyber warfare."

The Internet Archive, a nonprofit that is not known to have any ties to the US government or Israel, was founded in 1996 and advocates for a free and open internet.

Read also

Your 'local everything': what 7-Eleven buyout battle means for Japan

It operates a web archive called the Wayback Machine, which has captured snapshots of millions of internet pages.

Like other archival sites, the Wayback Machine is a crucial resource for fact-checkers, who use it to trace deleted web pages and ensure that the evidence cited in articles is permanently available to readers.

It can also be used to document changes made to online content over time and helps researchers and scholars find historical collections that exist in digital formats.

PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!

Source: AFP

Authors:
AFP avatar

AFP AFP text, photo, graphic, audio or video material shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium. AFP news material may not be stored in whole or in part in a computer or otherwise except for personal and non-commercial use. AFP will not be held liable for any delays, inaccuracies, errors or omissions in any AFP news material or in transmission or delivery of all or any part thereof or for any damages whatsoever. As a newswire service, AFP does not obtain releases from subjects, individuals, groups or entities contained in its photographs, videos, graphics or quoted in its texts. Further, no clearance is obtained from the owners of any trademarks or copyrighted materials whose marks and materials are included in AFP material. Therefore you will be solely responsible for obtaining any and all necessary releases from whatever individuals and/or entities necessary for any uses of AFP material.