HQ/EMEAFind out how we can help your business
The Wayback Machine, the digital archive founded by the Internet Archive, has suffered a data breach attack. Based on reports, the threat actors infiltrated the website and stole a user authentication database, which stores about 31 million unique user entries.
News about this incident spread earlier this week after website visitors spotted a JavaScript notice published by the hackers implying that they had compromised the Internet Archive.
The JavaScript notice stated that the hackers had already executed a breach, which the Internet Archive has been trying to prevent. The attackers also claimed that they saw the non-profit digital library’s 31 million unique entries on Have I Been Pawned (HIBP) to prove the legitimacy of their activities.
Moreover, the HIBP creator revealed that the threat actor shared with them the Internet Archive authentication database, which contains a 6.4GB SQL file. This disclosure confirmed the database stores authentication information for registered members, such as email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal information.
Have I Been Pawned will start to post the stolen Internet Archive database.
Reports revealed that the compromised Internet Archive database will soon be posted to HIBP to allow potentially affected individuals to verify if their email addresses are in the leak. The data was proved genuine after the HIBP owner contacted database users.
In addition, a separate researcher also checked the bcrypt-hashed password in the data record to see if it matched the one in its password manager and validated its timestamp in the database record to see if it corresponded to the date it last changed its password in its password manager.
On the other hand, the HIBP owner claimed it had already contacted the Internet Archive upon learning of the incident and began the disclosure procedure. The communication indicated that the material would be uploaded to the service within 72 hours. Still, the affected entity has allegedly not replied to the inquiry.
It is still a mystery how the attackers acquired initial access to the Internet Archive or what other details they obtained during the attack.
