< Products
Have a current computer infection?
Try our antivirus with a free, full-featured 14-day trial
Find the right cyberprotection for you
< Business
< Pricing
Protect your personal devices and data
Protect your team’s devices and data – no IT skills needed
Step up your corporate endpoint security. Save up to 45%
< Partners
< Resources
< Support
Malwarebytes and Teams Customers
Nebula and Oneview Customers
A non-profit that benefits millions of people has fallen victim to a data breach and a DDoS attack.
Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at website snapshots from the past. It is often used for academic research and data analysis.
Cybercriminals managed to breach the site and steal a user authentication database containing 31 million records. The stolen database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.
Who stole the database and why is not yet known. An unverified source told Malwarebytes that login credentials for the Azure servers of the Internet Archive were found in an information stealer log shared on the Dark Web, which could have offered someone the opportunity for a minimum-effort attack.
To pile more grief onto the breach, a “hacktivist” group calling themselves SN_BLACKMETA has launched several DDoS attacks against Internet Archive’s website archive.org for all the wrong reasons.
Their tweet which explains their motivation hasn’t gone down well among X users, with many commenting that the Internet Archive is not connected to the US Government and, in fact, a very useful tool.
Since the objective behind the DDoS attacks is no doubt attention-seeking, it is unlikely that the same group is behind the data breach as they haven’t claimed responsibility.
Internet Archive founder Brewster Kahle posted an update on X:
What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.
What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.
Will share more as we know it.
For now, anyone who suspects they’re affected by the data breach should follow our tips below. We’ll keep you updated on any developments in the story.
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.
SCAN NOW
SHARE THIS ARTICLE
December 30, 2024 – This week on the Lock and Code podcast, we speak with Anna Brading and Mark Stockley about whether anywhere is safe from AI slop.
December 27, 2024 – An overview of incidents and news surrounding Artificial Intelligence in 2024.
December 20, 2024 – The personal information of children is leaked by trusted institutions which can lead to identity fraud and identity theft
December 19, 2024 – Criminals are luring victims looking to download software and tricking them into running a malicious command.
December 19, 2024 – TP-Link is being investigated for alleged predatory pricing practices, which may be driven by ulterior motives.
ABOUT THE AUTHOR
Pieter Arntz 
Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.
Contributors
Threat Center
Podcast
Glossary
Scams
Cyberprotection for every one.
COMPUTER SECURITY
MOBILE SECURITY
PRIVACY PROTECTION
IDENTITY PROTECTION
LEARN ABOUT CYBERSECURITY
PARTNER WITH MALWAREBYTES
ADDRESS
One Albert Quay
2nd Floor
Cork T12 X8N6
Ireland
3979 Freedom Circle
12th Floor
Santa Clara, CA 95054
ABOUT MALWAREBYTES
GET HELP
Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.
© 2024 All Rights Reserved
English 
Français