The Internet Archive was recently hacked. Despite getting systems back online, problems continue to arise as the hackers still have access to some of the archive’s internal tools.
The Internet Archive, a non-profit digital library, suffered the effects of a DDoS attack that turned into a massive data breach.
Its website was defaced and around 31 million records were exposed. This included user records, email addresses, screen names, and bcrypt password hashes.
As if the non-profit hadn’t been through enough, users began receiving a strange email from “The Internet Archive Team.”
However, this email didn’t come from the archive’s team. It was supposedly written by actors who had obtained access to the Internet Archive’s Zendesk, an email support system.
The message reads:
“It’s dispiriting to see that even after being made aware of the breach two weeks ago, IA (Internet Archive) has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.”
The message revealed that this included a Zendesk token with permission to access over 800,000 support tickets sent to the Internet Archive since 2018.
The unknown actor concludes by saying, “Whether you were asking a general question, or requesting the removal of your site from the Wayback Machine – your data is in the hands of some random guy. If not me, it’d be someone else.”
Since the attack, the Internet Archive has been “working around the clock across time zones” to bring its services back online, the archive said in a blog post.
The blog post said that the Wayback Machine, Archive-It, and National Library crawls are back online. However, other Internet Archive services are still offline.
The archive’s blog post stresses that this “new reality requires heightened attention to cybersecurity,” which it claims to be responding to. Even so, the fact that actors still have some level of access to the Internet Archive’s systems is concerning.
“Here’s to hoping that they’ll get their sh*t together now,” the actor concluded in the email.