The Internet Archive, renowned for its “Wayback Machine”, has suffered a significant data breach. A threat actor compromised the website, stealing a user authentication database containing information on 31 million users. The breach was first noticed when a JavaScript alert on the archive.org website warned users about the incident.
Web.archive.org says
As of now, the Internet Archive’s website is offline as a precautionary measure while the organization investigates the breach.
Is Internet Archive down?
The compromised data, stored in a 6.4 GB SQL file named ia_users.sql, includes users’ email addresses, screen names, password change timestamps, and Bcrypt-hashed passwords. The data has reportedly been shared with the “Have I Been Pwned” (HIBP) service, which allows individuals to check if their data has been exposed in a breach.
What Should Affected Users Do?
- Check for Compromise: Visit Have I Been Pwned and enter your email address to see if your data is part of this breach.
- Change Your Passwords: If your email is affected, change your passwords on archive.org and any accounts that use the same credentials. Ensure the new password is strong and unique.
- Enable Two-Factor Authentication (2FA): Where possible, enable 2FA for additional security on your accounts, reducing the risk of unauthorized access.
- Watch for Phishing Attempts: Be vigilant for suspicious emails or messages that may attempt to exploit the stolen data. Verify the source before clicking any links or sharing sensitive information.
The exact method of the breach is still unknown, and it is uncertain if any other data was compromised. Additionally, the Internet Archive experienced a DDoS attack earlier, attributed to the BlackMeta hacktivist group, suggesting potential further disruptions.
For more information, keep an eye on official announcements from the Internet Archive and security updates from trusted sources. Taking proactive measures now can help mitigate risks associated with this breach.
