The past few days have been tough for The Internet Archive team. The platform, which focuses on preserving the internet and offering free content, was temporarily unavailable due to a series of DDoS attacks. However, the most serious thing is the confirmation of a security breach that exposed sensitive data related to more than 31 million email accounts.
DDoS attacks crashed The Internet Archive’s servers; 31 million records exposed in data breach
The Internet Archive platform has been the target of DDoS attacks that have ended up taking it down. Prior to that, The Verge noticed a popup indicating a hack on the website. At that time, the website was loading slowly but still functional. The next day, The Internet Archive was completely inaccessible.
Troy Hunt, a security researcher, said on X that the DDoS attacks came at a time when The Internet Archive was about to disclose the database security breach that allowed hackers to obtain more than 31 million records. The breached information includes “email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data,” Hunt said. It is unknown who was responsible for the data breach.
On the other hand, Hunt claims that The Internet Archive team was uploading data related to the data breach to HIBP right around the time of the DDoS attack that took down the site. HIBP (“Have I Been Pwned?”) is a platform where people can check if their credentials or data have been exposed on the Internet.
“Blackmeta” claimed credit for the DDoS attack on The Internet Archive. The group’s motivations to do such a thing are not entirely clear. A message from Blackmeta only used a brief “belongs to the USA” as justification. Furthermore, the organization asserts that it will persist in launching attacks to maintain the downtime of The Internet Archive. Blackmeta had even threatened to carry out similar actions in May.
MORE:
www.androidheadlines.com/2024/10/the-internet-archive-ddos-attacks-big-data-breach.html
www.neowin.net/news/internet-archive-confirms-data-breach-of-over-31-million-accounts-suffers-many-ddos-attacks/