The Internet Archive, the non-profit organization behind the popular Wayback Machine web archiving tool, has suffered a significant data breach. The attack, which was discovered in September 2024, exposed the personal information of 31 million users, raising concerns about user privacy and the security of the vast historical web data the Archive maintains.
On Wednesday afternoon, an unauthorized pop-up message appeared on the Internet Archive website, announcing the data breach. The message directed users to the Have I Been Pwned (HIBP) website, a service that tracks data breaches.
Security researcher Troy Hunt, who runs HIBP, confirmed the breach and revealed that it involved 31 million unique email addresses, usernames, and encrypted passwords.
Hi folks, yes, I'm aware of this. I've been in communication with the Internet Archive over the last few days re the data breach, didn't know the site was defaced until people started flagging it with me just now. More soon. https://t.co/uRROXX1CF9
— Troy Hunt (@troyhunt) October 9, 2024
The attackers also defaced the Internet Archive website and launched a series of distributed denial-of-service (DDoS) attacks, which temporarily brought the service offline. Internet Archive first privately acknowledged the data breach but then issued a public statement about the incident.
As of now, the identity of the perpetrators behind the Internet Archive breach remains unknown. The ongoing investigation is likely focused on gathering evidence and analyzing the attack methods to narrow down potential suspects.
Image Description: False claims made by hacktivist group BlackMeta about carrying out this breach.
The data breach at the Internet Archive exposed the personal information of 31 million users, including email addresses, usernames, and encrypted passwords. While the passwords were hashed, there is a risk that hackers could crack them using advanced techniques like brute force attacks. This could lead to many negative consequences for affected users, including:
Hackers could use the stolen information to create fake accounts, steal money, or commit other crimes in the name of the affected individuals.
Hackers may use the stolen email addresses to send phishing emails designed to trick you into revealing sensitive information or downloading malware.
The stolen email addresses could be used to send spam emails, unsolicited marketing messages, or other unwanted communications.
If hackers can crack the stolen passwords, they could gain access to other online accounts that use the same email addresses or usernames.
The wayback machine has been compromised.
— vx-underground (@vxunderground) October 9, 2024
See you all in HIBP! pic.twitter.com/adX8bgP0BY
Here are some steps you should take if you think your Internet Archive account may have been compromised:
Use a strong, unique password that you don't use for any other online accounts.
2FA adds an extra layer of security by requiring a second verification code when logging in.
Hackers may try to trick you into revealing personal information by sending emails that appear to be from the Internet Archive. Do not click on suspicious links sent through emails or messages.
Use a service like Have I Been Pwned to see if your email address has appeared in any known data breaches. If so, you may need to change the passwords for all of your online accounts that use that email address.
Keep a close eye on your online accounts for any suspicious activity, such as unauthorized transactions or changes to your personal information.
23andMe has finished its investigation, which was helped by third-party forensics specialists. They are currently in the process of notifying concerned customers, as required by law.
“Since detecting the incident, we emailed all customers to notify them of the investigation and are continuing to notify impacted customers, based on applicable laws,” according to 23andMe.
Most of the affected victims (5.5 million) used a feature called “DNA relatives” to find family members, while the rest (1.4 million) used a feature called “Family Tree.”
They also made it clear that the information was gathered by credential stuffing,
“The threat actor used the compromised credential-stuffed accounts to access the information.”
They also guided their customers to take preventive measures by saying:
“We also required every 23andMe customer to reset their password. In addition, 23andMe now requires all new and existing customers to log in using two-step verification.”
When data is exposed, it can result in several major privacy concerns. This can occur through a variety of means. Once data gets attacked, it is tough to recover, with serious privacy risks. The following are some of the most prevalent privacy risks linked with exposed data:
The experience of identity theft can be emotionally devastating, causing worry, anxiety, and a loss of trust.
23andMe's RESPONSE: The company confirmed the data's legitimacy. They believe the hackers used credentials from other breaches to access 23andMe accounts.
— Matt Johansen (@mattjay) October 6, 2023
"We do not have any indication at this time that there has been a data security incident within our systems." pic.twitter.com/TNBWWdxTEh
Disclosed genetic information could potentially be used to discriminate against people in fields such as employment, insurance, and healthcare.
Exposed data can be exploited to trick people into disclosing sensitive information or taking actions that benefit the attackers.
Exposed data can be used to target people based on their personal qualities, resulting in discrimination and harassment.
Organizations that fail to protect sensitive data risk facing substantial fines and penalties.
By taking these initial steps, you may help reduce the potential effect of a 23andMe data breach while also protecting your personal information.
If you suspect a data breach involving 23andMe, you should take these quick steps:
Contact 23andMe customer care right away to report the alleged breach and inquire about their response.
Watch 23andMe's website and social media outlets for official news and updated security protocols regarding the breach.
Change your 23andMe password immediately and set a strong and complex password to avoid illegal access.
If it is available, enable two-factor authentication for enhanced security.
Keep a check on your bank accounts, credit reports, and other internet accounts for any unusual behavior.
The Internet Archive has faced several legal challenges in recent years, including lawsuits related to copyright infringement and digital lending. One notable case is Hachette v. Internet Archive, where book publishers argued that the Archive's digital lending library violated copyright law.
The Internet Archive does collect some user data, including IP addresses and browsing history, to improve its services and personalize user experiences. However, the organization has stated that it does not sell user data to third parties.
The Internet Archive operates a distributed network of servers worldwide to store its vast collection of web content. The exact locations of these servers are not publicly disclosed for security reasons.
No, it is not entirely safe to use platforms like the Internet Archive. While the Internet Archive has generally been considered a reliable resource, the recent data breach highlights the risks associated with using online services.
A hacker group known as "SN_BLACKMETA" took credit for the attack, stating they targeted the archive because it is affiliated with the United States. They connected the cyberattack to the U.S. government's alliance with and support for Israel.
The Internet Archive, established in 1996 by Brewster Kahle, is a U.S.-based nonprofit digital library. It offers free access to a wide range of digitized content, such as websites, software, music, videos, and printed materials. The organization also champions the cause of a free and open internet.
The Internet Archive data breach is a serious incident that highlights the importance of protecting personal information online. It's essential for you to take immediate action to secure your accounts and prevent information sharing on all platforms. Keep your data secure with us!