Internet Archive has just suffered a major security setback that arose in the form of a hacking attempt.
The Wayback Machine underwent a data breach after threat actors hacked the website and stole user authentication data featuring 31M unique records. The news started to circulate online yesterday after visitors spoke about the incident after getting alerts.
The Internet Archive alert left many people to panic and worry about their stolen data records. Software expert Troy Hunt explained how the threat actor shared the database nearly 10 days back in the form of a file. It features authentic data for all registered members including sensitive details like email, screen names, password changes, hashed passcodes, and more kinds of internal information.
Image: @squeebme / X
The most likely database can be found from a recent timestamp linked to the stolen records which happens to be September 28th of this year. The fact that it featured data belonging to more than 31M unique email IDs and many are now subscribing to the HIBP notification service to see if their data was stolen.
The information was real and that’s when all of those on the list were contacted including leading security researcher Scott Helme. He allowed his records to be exposed to tech news outlets to get more understanding of the matter. Furthermore, he sent out a message to the Internet Archive three days back and started the process of disclosure. This meant the information would be loaded across the service in nearly 72 hours but he’s not heard from the source again.
For now, investigations into the matter are taking place to figure out what went wrong. This includes how threat actors breached the Internet Archive and whether more information was stolen or not. Meanwhile, it was published today that they also underwent a DDoS attack that was confirmed by a leading hacker group.
Hacktivists from BlackMeta mentioned more details about possible attacks on the same database in the future. This is why digital security experts should be on alert.
Read next: X Shifts Creator Payments Policy So It’s Less Dependent On Ads and More Related To Engagement
The Wayback Machine underwent a data breach after threat actors hacked the website and stole user authentication data featuring 31M unique records. The news started to circulate online yesterday after visitors spoke about the incident after getting alerts.
The Internet Archive alert left many people to panic and worry about their stolen data records. Software expert Troy Hunt explained how the threat actor shared the database nearly 10 days back in the form of a file. It features authentic data for all registered members including sensitive details like email, screen names, password changes, hashed passcodes, and more kinds of internal information.
Image: @squeebme / X
The most likely database can be found from a recent timestamp linked to the stolen records which happens to be September 28th of this year. The fact that it featured data belonging to more than 31M unique email IDs and many are now subscribing to the HIBP notification service to see if their data was stolen.
The information was real and that’s when all of those on the list were contacted including leading security researcher Scott Helme. He allowed his records to be exposed to tech news outlets to get more understanding of the matter. Furthermore, he sent out a message to the Internet Archive three days back and started the process of disclosure. This meant the information would be loaded across the service in nearly 72 hours but he’s not heard from the source again.
For now, investigations into the matter are taking place to figure out what went wrong. This includes how threat actors breached the Internet Archive and whether more information was stolen or not. Meanwhile, it was published today that they also underwent a DDoS attack that was confirmed by a leading hacker group.
Hacktivists from BlackMeta mentioned more details about possible attacks on the same database in the future. This is why digital security experts should be on alert.
Read next: X Shifts Creator Payments Policy So It’s Less Dependent On Ads and More Related To Engagement