This breach is the latest in a series of escalating cyberattacks that have impacted the Archive’s operations
The Internet Archive has confirmed a third major security breach on October 20, 2024, as part of a troubling series of cyberattacks that have targeted the nonprofit organization this month. In this latest incident, hackers exploited unrotated Zendesk API tokens, gaining access to the platform used to manage the Archive’s support tickets.
Despite previous warnings and two earlier breaches, the Archive had not secured its system adequately, leaving the tokens vulnerable. As a result, attackers were able to access and potentially download sensitive support data, including personal identification documents submitted by users.
This breach is the latest in a series of escalating cyberattacks that have impacted the Archive’s operations. The first breach, on October 9, involved a dual attack: hackers accessed sensitive user information, while a separate group launched a Distributed Denial of Service (DDoS) attack, taking the site offline.
The Internet Archive, founded in 1996 by Brewster Kahle, is a nonprofit digital library best known for its Wayback Machine, which archives websites and allows users to view them as they appeared in the past. The organisation plays a critical role in preserving digital history, offering a vast collection of books, music, videos, software, and more. However, this month’s breaches have raised concerns about the security of the platform and its ability to protect user data.
Timeline Of Cyberattacks:
Hackers used a previously exposed GitLab token, vulnerable since 2022, to access the Internet Archive’s source code. This breach compromised data from 31 million users, including Bcrypt-hashed passwords, email addresses, and other sensitive information. At the same time, a pro-Palestinian group called SN_BlackMeta launched a DDoS attack that flooded the Archive’s servers, temporarily taking the site offline. Although the two attacks occurred simultaneously, they were conducted by different groups.
In the most recent breach, hackers exploited Zendesk API tokens that had not been rotated, despite prior breaches. This allowed attackers to access the platform handling support tickets and potentially download sensitive data, including personal documents.
The Internet Archive operates primarily through donations and has been a vital resource for historians, researchers, and the public. With its infrastructure under constant cyberattack, questions are being raised about how the organization will secure its vast digital collections and protect its users moving forward.
Authorities are investigating the breaches, while the Internet Archive is under pressure to enhance its cybersecurity measures to prevent further incidents.