11.10.2024 19:20:00
Дата публикации
The Internet Archive platform, known for its The Wayback Machine service, has suffered a major leak. Hackers stole a database containing the personal information of 31 million users.
The hack was first reported on October 9, 2024, when hackers placed a pop-up warning on the main page of the Archive.org website, announcing a hack and data leak. The text contained a reference to the Have I Been Pwned (HIBP) service, which notifies users about data leaks.
Security researcher Troy Hunt, the creator of HIBP, confirmed the authenticity of the stolen database - it contains unique email addresses, encrypted passwords, and other internal user data.
According to Hunt, the most recent entry in the database is dated September 28, 2024, which likely indicates the date of the hack itself. This means that the hackers gained access to the system at least several weeks ago.
The Internet Archive was simultaneously hit by a series of DDoS attacks, making the site inaccessible to users. The hacktivist group BlackMeta claimed responsibility for these attacks and said it plans to continue attacking the platform.
The founder of the Internet Archive, Brewster Kale, said that the team quickly took measures to restore the site and protect user data. In particular, the vulnerable JavaScript library was disabled, the system was thoroughly cleaned, and steps were taken to strengthen security.
It is worth noting that the Internet Archive has been facing serious legal problems for several months. In the recent lawsuit "Hachette v. Internet Archive", the organization suffered a defeat, which worsened its financial situation. In addition, a new lawsuit from music labels has been filed against the platform, which could lead to significant fines.
Users whose data fell into the hands of hackers received letters notifying them of the leak. The letters provide steps to help protect their accounts. Among the recommendations are using a complex password manager and enabling two-factor authentication for additional security.
Internet Archive was founded in 1996, and the Wayback Machine has been operating since 2001, and the function of archiving the content you need is only available if you are registered on the portal itself. Therefore, a giant database of enthusiasts and public figures, including very famous ones, could fall into the hands of hackers.
(the text translation was done automatically)
The hack was first reported on October 9, 2024, when hackers placed a pop-up warning on the main page of the Archive.org website, announcing a hack and data leak. The text contained a reference to the Have I Been Pwned (HIBP) service, which notifies users about data leaks.
Security researcher Troy Hunt, the creator of HIBP, confirmed the authenticity of the stolen database - it contains unique email addresses, encrypted passwords, and other internal user data.
According to Hunt, the most recent entry in the database is dated September 28, 2024, which likely indicates the date of the hack itself. This means that the hackers gained access to the system at least several weeks ago.
The Internet Archive was simultaneously hit by a series of DDoS attacks, making the site inaccessible to users. The hacktivist group BlackMeta claimed responsibility for these attacks and said it plans to continue attacking the platform.
The founder of the Internet Archive, Brewster Kale, said that the team quickly took measures to restore the site and protect user data. In particular, the vulnerable JavaScript library was disabled, the system was thoroughly cleaned, and steps were taken to strengthen security.
It is worth noting that the Internet Archive has been facing serious legal problems for several months. In the recent lawsuit "Hachette v. Internet Archive", the organization suffered a defeat, which worsened its financial situation. In addition, a new lawsuit from music labels has been filed against the platform, which could lead to significant fines.
Users whose data fell into the hands of hackers received letters notifying them of the leak. The letters provide steps to help protect their accounts. Among the recommendations are using a complex password manager and enabling two-factor authentication for additional security.
Internet Archive was founded in 1996, and the Wayback Machine has been operating since 2001, and the function of archiving the content you need is only available if you are registered on the portal itself. Therefore, a giant database of enthusiasts and public figures, including very famous ones, could fall into the hands of hackers.
