The Internet Archive, a vital digital library renowned for its Wayback Machine, has been severely impacted by a cyberattack that compromised the data of 31 million users.
This breach not only leaked sensitive information but also forced the service offline temporarily, raising significant concerns about the platform’s security and future operations.
The Attack Unfolds
Recent reports revealed that the Internet Archive was subjected to a major cyberattack, which was first identified on September 28. The attack resulted in the theft of email addresses, usernames, hashed passwords, and other confidential details from a vast user database. On October 9, the situation worsened when a Distributed Denial of Service (DDoS) attack struck, further crippling the site and leading to its temporary shutdown.
By October 13, Brewster Kahle, the founder of the Internet Archive, announced that the platform had resumed operations, albeit in a limited “read-only” state. He reassured users that while the service was safe to access, further maintenance might be necessary to address ongoing security issues.
Limited Access and Functionality
In its current state, the Internet Archive allows users to explore its extensive collection of over 916 billion archived web pages. However, users are unable to save new pages or contribute content to the archive during this read-only phase. The staff has been working diligently to restore essential features, including email accounts and tools for preserving websites on behalf of national libraries, while simultaneously reinforcing security measures to mitigate future threats.
This incident occurred at a critical juncture, just as Google began incorporating links to the Wayback Machine in search results. With Google’s removal of its cached pages earlier this year, the inclusion of the Wayback Machine links is increasingly important for accessing older web content. The outage disrupted this invaluable resource for users seeking historical data.
Hacker Claims Responsibility
A hacker claiming responsibility for the breach labeled it a “catastrophic security breach.” The extent of the data theft was confirmed by the security tracking service Have I Been Pwned (HIBP), which reported that the accounts of 31 million users had been compromised.
While the breach was extensive, the motivations behind the attack remain unclear. Speculation suggests that various parties—possibly including publishers with financial interests—might view the Internet Archive as a threat. The hacker’s cryptic message hinted at this, asking whether users had ever felt that the Archive was always on the brink of such a catastrophe.
Ongoing Threats Since May
This recent cyberattack is not an isolated event; the Internet Archive has been under sustained attack since May. Many observers believe these incidents may be part of a concerted effort to undermine the platform. Questions linger about who stands to gain from disrupting the Archive, with some suggesting that the attackers may be driven by personal or ideological motives.
Regardless of the motivations, these continued cyber threats pose a significant risk to the future of the Internet Archive, a cornerstone for free access to information.
Community Support and Action
In the wake of this attack, the Internet Archive’s community has rallied in support of the platform. Users are expressing their concerns about losing access to essential historical data and have called for collective action to protect the Archive from future threats.
As the Internet Archive works toward restoring full functionality, its supporters are offering assistance in various forms, from financial contributions to legal and cybersecurity expertise. The Archive has long served as a critical resource for preserving knowledge, and its community is committed to ensuring its survival.