According to Internet Archive founderBrewster Kahleand ‘Have I been Pwned?’ founder Troy Hunt viaBleeping ComputerThe Internet Archive was hacked. Resulting in a data breach of its user authentication database containing 31 million accounts. Users found out when they saw the website displaying a JavaScript alert to let visitors know the site was breached. Along with the data breach, the website was defaced and DDoS’d (Distributed Denial of Service).
The following was the message on the pop-up:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophicsecuritybreach? It just happened. See 31 million of you on HIBP!.”
Huntconfirmedthat The Internet Archive has begun its disclosure process and The Internet Archive team confirmed that the data would be loaded into the service in 72 hours, he has not received any communication from the team, since. It is also not known how the hack was possible, resulting in such a large user data leak.
Jason Scott from the Internet Archive confirmed that they’ve disabled the JavaScript library, scrubbed the systems and upgraded security. At the time of writing, neither The Internet Archive nor The WayBack Machine is back online. He confirmed that no reasoning or demands were made to them. As of now, an account on X calledSN_Blackmetaclaims responsibility for this hack and also said they are planning another attack tomorrow. The target for the next website is not revealed at this time. Internet Archive has also not yet published any public statement.
The Internet archive has and is suffering from a devastating attack We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down.second round | New attack 07-07-2025 Duration 6 hours… pic.twitter.com/SL9lz4gSldOctober 9, 2024
The Internet Archive carries a wealth of information from internet resources to books, news, footage, videos, music and other information, accessible and available to the public. One will be able to reset their passwords once the website is up and perhaps receive an email from IA for a reset. It should also be noted that The Internet Archiveconfirmed in Maythis year that it is facing sustained attacks and a result has been struggling against such attacks.
Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox.
It is also best if users have random passwords for different websites to avoid any situation of a leaked password used by anyone to access accounts of other websites and services. For those who use the same password for multiple websites, it is best if those are also changed.
Roshan Ashraf Shaikh has been in the Indian PC hardware community since the early 2000s and has been building PCs, contributing to many Indian tech forums, & blogs. He operated Hardware BBQ for 11 years and wrote news for eTeknix & TweakTown before joining Tom’s Hardware team. Besides tech, he is interested in fighting games, movies, anime, and mechanical watches.
