Cyberattack on Internet Archive by pro-Palestinian hacker, 31 mn users affected

The Internet Archive has been the victim of a major cyberattack by a pro-Palestinian hacker, and the personal data of about 31 million users have been exposed.

The cyber attack compromised encrypted passwords, email addresses, and screen names of its users, who were urged to change their passwords immediately, as reported by ndtv.com.

The Internet Archive

The Internet Archive is a popular digital library and is best known for its Wayback Machine. It is an American non-profit digital library website founded in 1996 by Brewster Kahle. If offers free universal access to texts, movies, music, and 624 billion archived web pages.

Also Read: Cyber risks biggest threat to Indian organisations, says survey

The breach

A JavaScript (JS) library on the website was exploited, revealing the details of millions of its users.

A pop-up message on the website informed visitors that the Internet Archive had “suffered a catastrophic security breach”.

Breach acknowledged

Brewster Kahle acknowledged the breach and the Distributed Denial-of-Service (DDOS) attacks affecting the platform.

Kahle wrote on X, “What we know: DDOS attack – fended off for now; defacement of our website via JS library; breach of usernames / email / salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it."

The Internet Archive’s website archive.org and its Wayback Machine have been inaccessible as the organisation struggles to restore its operations and upgrade its security to prevent any future attacks.

Also Read: One in three lost personal data in cyber attacks but remained unaware: Rubrik CEO

The ‘hacktivist’

The responsibility for the data breach and the DDOS attacks was claimed by an account “SN_BlackMeta”.

The group made a statement that their attack lasted five hours and that they were launching highly successful attacks.

This group has been connected with pro-Palestinian hacktivist movements, and has earlier been linked to attacks on financial institutions in the Middle East region.

Also Read: Watch: India's cybersecurity: Are we sitting ducks?

SN_BlackMeta posted on X, “The Internet archive has and is suffering from a devastating attack We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down. Second round | New attack 09/10/2024 Duration 6 hours.”

‘Internet Archive is not the US govt’

In response to the cyber attack and the post by SN_BlackMeta, a user stated, “This group claims they took down the Internet Archive because it ‘belongs to the USA … who support Israel,’ which is not true. The Archive is not the US government; it is a nonprofit that includes many resources about Palestine, which we can’t now access because of this attack.”