Tue Oct 15 12:46:21 UTC 2024: ## Internet Archive Suffers Major Data Breach and DDoS Attacks
The Internet Archive, a digital library containing a vast collection of online content, has been targeted by a series of denial-of-service (DDoS) attacks, effectively rendering the site unusable since Wednesday.
The attacks, however, are overshadowed by a more alarming development: a data breach that reportedly compromised the personal information of 31 million users. This breach, confirmed by the Archive and HIBP (Have I Been Pwned), included user names, emails, and salted-encrypted passwords.
While the passwords are encrypted, users are urged to change their Internet Archive passwords immediately, as well as any other accounts that use the same password.
The Archive has since disabled the JavaScript library responsible for the initial pop-up message notifying users of the breach and is working to upgrade security and scrub its systems. However, the DDoS attacks continue to hinder service availability.
Responsibility for the attacks has been claimed by an account on X (formerly Twitter) going by the name SN_Blackmeta, allegedly located in Russia. The account claims the attack was motivated by opposition to the US government and its support of Israel. However, the Archive maintains no notable ties to the US government beyond its physical location.
The incident comes at a challenging time for the Internet Archive, which is already facing a landmark copyright lawsuit over its lending library. This data breach and ongoing DDoS attacks further exacerbate the organization’s difficulties.
Users of the Internet Archive are advised to change their passwords and stay updated on the situation through official channels.
First Piper 