The Internet Archive’s “Wayback Machine” has experienced a data breach after a hacker infiltrated the site and accessed a database containing 31 million unique user records. News of the incident began spreading on Wednesday, when visitors to archive.org encountered a JavaScript alert left by the hacker, announcing the breach.
The message read: “Ever feel like the Internet Archive is held together by a thread and ready to collapse in a security disaster? Well, it just did. See 31 million of you on HIBP!”
The reference to “HIBP” points to Have I Been Pwned, a data breach alert service founded by cybersecurity expert Troy Hunt. The hacker had shared the stolen Internet Archive database with Hunt nine days prior. The 6.4GB SQL file, named “ia_users.sql,” contains details about the platform’s registered users, including email addresses, screen names, password change records, Bcrypt-hashed passwords, and other internal information.
According to Hunt, the compromised database includes 31 million unique email addresses, with a large number of affected users already registered for breach notifications on HIBP. Once the data is fully processed, users will be able to verify whether their personal information was part of the breach by using the HIBP tool.
To validate the authenticity of the breach, Hunt reached out to individuals listed in the compromised data, including cybersecurity researcher Scott Helme. Helme allowed BleepingComputer to share his exposed record, confirming that the hashed password in the database matched the one stored in his password manager.
Hunt initiated a disclosure process with the Internet Archive three days prior, giving them 72 hours before the data would be added to HIBP. However, no response has been received from the organization.
Details on how the breach occurred, and whether any additional data was compromised, remain unknown. On the same day, the Internet Archive also suffered a DDoS attack. The BlackMeta hacktivist group has since claimed responsibility for it and threatened further attacks.