Those behind the hack chastise the Internet Archive for not rotating API keys, giving them access to the organization's Zendesk ticketing system.
The Internet Archive isn’t out of the woods yet. Hackers are now ridiculing the organization by responding to old support tickets.
A reporter for The Verge received a response to a support ticket logged on Oct. 9, but the email does not appear to be written by the site’s customer response team. Instead, it chastises the Internet Archive for not “rotating many of the API keys that were exposed in their gitlab secrets.”
On Reddit, many other Internet Archive users reported the same thing, with some getting emails about support tickets they submitted as far back as 2021.
The Internet Archive was hacked earlier this month by a hacker group that goes by the name of @Sn_darkmeta on X. The group stole 6.4GB of data from 31 million user accounts, including email addresses, usernames, and hashed passwords. It was also hit with multiple DDoS attacks that forced the Internet Archive to go dark temporarily.
It appears the hackers accessed the archive’s Zendesk ticketing system internally to reply to “800K+ support tickets sent to [email protected] since 2018,” they said in this week’s email.
“Whether you were trying to ask a general question or requesting the removal of your site from the Wayback Machine—your data is now in the hands of some random guy. If not me, it’d be someone else. Here’s hoping that they’ll get their shit together now,” the message adds.
On Reddit, some email recipients were not impressed.
“I just received the same snarky email. It‘s quite senselessly malicious and perverse for these so-called ‘hacktavists’ to be so intent on giving the Internet Archive a hard time,” one person wrote. “Internet Archive and Open Library are a benevolent project to make knowledge and good reading more accessible to the masses. There are so many other sites, for instance capitalist and military sites, that would be more deserving targets. I guess those sites are too challenging for hacktavists of limited ability.”
“It seems to suggest that the real culprits are possibly just jackasses perpetrating this maliciousness for bragging rights in the hacker community,” added another.
Still, other Redditors argued that “being benevolent or a charity or some such is not an excuse to have poor user account security and pathetic site management.”
The Internet Archive team has resurrected some of its popular tools, such as the Wayback Machine, Archive-It, and blog.archive.org. However, “other Internet Archive services are temporarily offline,” according to its website.
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. By clicking the button, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Your subscription has been confirmed. Keep an eye on your inbox!
Jibin is a tech news writer based out of Ahmedabad, India. Previously, he served as the editor of iGeeksBlog and is a self-proclaimed tech enthusiast who loves breaking down complex information for a broader audience.
Read Jibin's full bio
Advertisement
PCMag.com is a leading authority on technology, delivering lab-based, independent reviews of the latest products and services. Our expert industry analysis and practical solutions help you make better buying decisions and get more from technology.
© 1996-2024 Ziff Davis, LLC., a Ziff Davis company. All Rights Reserved.
PCMag, PCMag.com and PC Magazine are among the federally registered trademarks of Ziff Davis and may not be used by third parties without explicit permission. The display of third-party trademarks and trade names on this site does not necessarily indicate any affiliation or the endorsement of PCMag. If you click an affiliate link and buy a product or service, we may be paid a fee by that merchant.
Français 
English