The Internet Archive has suffered another data breach after “a threat actor” took possession of the email addresses of the people who submitted support requests. The hackers responsible for the latest data breach are sending replies to Internet Archive’s Zendesk support tickets to demonstrate that the site suffers from security problems.
“It’s dispiriting to see that even after being made aware of the breach weeks ago, Internet Archive has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets,” states the message. “Whether you were trying to ask a general question or requesting the removal of your site from the Wayback Machine, your data is now in the hands of some random guy. If not me, it’d be someone else.”
The group behind the message claims to have access to a Zendesk token with permission to access more than 800,000 support tickets since 2018. If you’ve emailed the Internet Archive with a removal request that included personal identification in the past few years, there’s a legitimate reason to be concerned, as these email addresses and encrypted passwords are now exposed to hackers. You can check if your details were leaked in this security breach on the Have I Been Pwned website.
It’s unclear whether the hackers responsible for the latest data breach are the same group behind a recent distributed denial-of-service (DDoS) attack or a previous data breach that compromised a user authentication database containing 31 million unique records. Those incidents prompted Internet Archive founder Brewster Kahle to take the site offline for maintenance as his team worked to patch security holes.
The Internet Archive is now back online but isn't fully operational, with only a handful of services available, including the Wayback Machine internet archive, Archive-It.org, and the official blog. The most recent update from the blog, dated October 17, states the site will remain in read-only mode with no updates possible “as full restoration will take more time.”
“We’re taking a cautious, deliberate approach to rebuild and strengthen our defenses,” it reads. “Our priority is ensuring the Internet Archive comes online stronger and more secure.”
Source: Bleeping Computer, Reddit