The Internet Archive, the digital library best known for providing free access to websites, apps, music, printed materials, and other archived content as part of its mission in providing “universal access to all knowledge,” has begun telling people to change their passwords after confirming that it has suffered from a security breach, one that is being described as “catastrophic,” with a threat actor having stole a user authentication database containing 31 million unique records. Troy Hunt, creator of haveibeenpwned.com, acknowledged the breach yesterday, noting that the website has also been facing several DDoS attacks. A tweet from the party claiming responsibility for the attacks can be found below.
The Internet archive has and is suffering from a devastating attack We have been launching several highly successful attacks for five long hours and, to this moment, all their systems are completely down.
— 𝐒𝐍_𝐁𝐋𝐀𝐂𝐊𝐌𝐄𝐓𝐀 (@Sn_darkmeta) October 9, 2024
second round | New attack
09/10/2024 Duration 6 hours… pic.twitter.com/SL9lz4gSld
Hunt told BleepingComputer that the threat actor shared the Internet Archive’s authentication database nine days ago and it is a 6.4GB SQL file named “ia_users.sql.” The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.