The non-profit Internet Archive digital library announced on social media Wednesday that its website is still suffering the effects of a DDoS attack that apparently started on Tuesday. However, users on social media are telling a different story, with some claiming their personal information has been exposed. Cybernews has the full story.
The Internet Archive's other free sites, including the popular Wayback Machine, the largest digital archive of the World Wide Web, and Open Library, were also not loading for the second time in two days on Wednesday, instead, returning a “503 Service Unavailable” error with the message "No server is available to handle this request.”
Quickly addressing the outage, the organization’s founder and digital librarian Brewster Kahle posted on his X account Wednesday, “Yesterday's DDOS attack on @internetarchive repeated today. We are working to bring http://archive.org back online."
Kahle posted a similar message at almost the exact same time on Tuesday to his followers, "DDOS on a Tuesday? Last time it was a Monday. Geez," he said, both of which were reposted to the main Internet Archive’s X profile as well.
Yesterday's DDOS attack on @internetarchive repeated today. We are working to bring https://t.co/Hk02WjumkL back online.
undefined Brewster Kahle (@brewster_kahle) October 9, 2024
News of the outage had also spread quickly on Reddit after one user from the "r/DataHoarder" subreddit posted a screenshot of the archive.org website, showing only a black screen with a comment that read:
"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"
The original poster asking fellow Reddit users, “Hey uhh..... am I the only one seeing this on Archive.org?”
For those of you who don’t know, the acronym ‘HIBP,’ stands for the website 'Have I Been Pwned,' where users can check the HIBP search functions to see if their personal information, such as email, address, or phone number, was compromised in any recent breaches.
It's also quite uncommon for a straight DDoS attack to have the capacity to post messages directly on a targeted website, as the entire goal of a distributed denial-of-service attack is just that, to overwhelm a server with bot traffic so it can't actually load the website at all.
Almost immediately, X users began to suggest that the outage was the result of a massive breach and not a DDoS attack by the way it all had unfolded.
One X user posted "Scheduled Maintenance, I don't think so," referring to the pop-up message claiming the site was suffering from a "catastrophic security breach."
And, it appears one of those millions of Internet Archive users has already popped up on the HIBP site, according to this post by cybercrime reporter AJ Vicens, “Welp, got my @haveibeenpwned notification related to my @internetarchive account. Me and 31 million+ others apparently.”
The date of the breach, according to HIBP, is listed as September 28th, 2024. The site further shows that all of Internet Archive's 31,081,179 users have been equally compromised.
Under the description of the incident, HIBP states, ”In September 2024, the digital library of internet sites Internet Archive suffered a data breach that exposed 31M records. The breach exposed user records including email addresses, screen names and bcrypt password hashes.”
Including basic personally identifiable information or PII, this implies all usernames and passwords have been exposed to the hackers.
Welp, got my @haveibeenpwned notification related to my @internetarchive account. Me and 31 million+ others apparently. pic.twitter.com/1T76IOqkYn
undefined AJ Vicens (@AJVicens) October 9, 2024
According to a “final update” on X by vx-underground, the malware collectors confirmed a compromise had taken place, citing Bleeping Computer and HIBP founder Troy Hunt, although there is no information on what or who may have caused the breach.
Vx-underground also noted that, unrelated to Wednesday’s “defacement and compromise,” a hacktivist named BlackMeta “claims to have been DDoSing the Internet Archive.”
“They state they're DDoSing the website because the United States government supports Israel and The Internet Archive belongs (?) to the United States.”
Note:
undefined vx-underground (@vxunderground) October 9, 2024
Final update and confirmations:
The compromise has been confirmed via @BleepinComputer and @TroyHunt. 31,000,000 users impacted. There is no confirmed information on how the site was compromised. No Threat Actor(s) have been attributed to the compromise. More…
The San Francisco-based organization was founded by Kahle in 1996, launched to the public in 2001, and, as witnessed on HIBP, has roughly 31 million users – although there have been questions about the viability of some of its services as recently as last month due to the fact that it is run completely on donations.
Besides the Open Library and Wayback Machine, which allows users to go "back in time" to see recorded screenshots of how a website looked on any particular date from 1996 on, the Internet Archive also features free access to other collections of digitized materials, including the Moving Image Archive, Audio Archive, eBooks, texts, and software applications.
"DDOSing the internet archive is a legitimate crime against humanity. You have to be a disgusting and despicably evil human to do such a thing," posted one supporter on X.
Even Kahle on Tuesday, during the first alleged DDoS attack, posted this somber statement, "the library lovers :( seem to have gone away. on to others."
Cybernews will update the story as new information is released.
Your email address will not be published. Required fields are markedmarked