Posted on Leave a comment

Internet Archive (Archive.org) Hacked for Second Time in a Month – HackRead

The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk API tokens. The organization faces reputational damage and risks to user data.

The Internet Archive, a non-profit organization founded by Brewster Kahle to preserve the Internet’s history, has been experiencing a series of cyberattacks throughout October 2024. It all started on October 9th with a dual attack: a data breach and a Distributed Denial-of-Service (DDoS) attack, which were promptly reported by Hackread.com.
The attack was revealed with a message displayed on the Internet Archive’s website (archive.org), with the hackers themselves, taunting the organization’s security vulnerabilities and announcing the stolen data on a website called “Have I Been Pwned?” (HIBP). 
Reportedly, the hackers exploited a GitLab token, compromising the Archive’s source code and stealing user data from 31 million accounts. This exposed sensitive information, including Bcrypt-hashed passwords and email addresses.
A Pro-Palestinian group SN_BlackMeta launched another DDoS attack around the same time, temporarily knocking the site offline, including the Wayback Machine, which collects snapshots of hundreds of billions of web pages. While these attacks coincided, they were likely conducted by separate entities.
On October 18, Kahle confirmed that stored data is safe and that “Wayback Machine, Archive-It, scanning, and national library crawls have resumed.” He also stated that the organization is taking a cautious approach to rebuilding and strengthening defences.

However, the Internet Archive experienced another security breach on 20 October 2024, where hackers exploited unrotated Zendesk API tokens to access its support platform. The breach exposed thousands of support tickets dating back to 2018, potentially containing personal identification documents, and highlighted a critical lapse in the Archive’s security practices, leading to a failure to rotate access tokens regularly.
The Archive suffered multiple breaches due to vulnerabilities in its infrastructure, allowing attackers to access user data. It is speculated that the attacks were motivated by reputation rather than financial gain, with hackers seeking recognition within hacker communities. Although no ransom demands were made, the stolen data poses risks like phishing attacks and identity theft.

The Internet Archive hasn’t yet commented on the recent breach. Nevertheless, considering that it serves as a crucial repository of historical digital information, the series of attacks raise concerns about the long-term safety of this digital treasure trove and signifies the importance of strong cybersecurity measures. Regular security audits, secure coding practices, and prompt responses to vulnerabilities are essential for protecting user data and critical infrastructure. 
The display of third-party trademarks and trade names on the site do not necessarily indicate any affiliation or endorsement of Hackread.com. If you click an affiliate link and buy a product or service, we may be paid a fee by that merchant.

source

Leave a Reply

Your email address will not be published. Required fields are marked *