Internet Archive leaks user info and succumbs to DDoS
(2024/10/10)
- Reference: 1728523985
- News link: https://www.theregister.co.uk/2024/10/10/internet_archive_ddos_data_leak/
- Source link:
The Internet Archive had a bad day on the infosec front, after being DDoSed and exposing user data.
On Wednesday afternoon US time the outfit’s digital library Brewster Kahle [1]revealed a DDoS attack had made the site unavailable. The Register understand the outage may have lasted up to five hours, during which time visitors saw only a notification of the incident.
While that was happening, data leak notification service haveibeenpwned (HiBP) [2]posted news of a leak that saw 31,081,179 users’ accounts exposed. Register staff received mails from HIBP that state “The breach exposed user records including email addresses, screen names and bcrypt password hashes.”
[3]
Kahle later [4]confirmed the leak , writing that the service has detected “defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.”
[5]
[6]
The org has disabled the JS library, and is “scrubbing systems , upgrading security.”
Kahle offered no detail beyond that but promised to “share more as we know it.”
[7]
It is unclear if the DDoS and breach are linked.
The Register sought comment from the Archive but had not received a response at the time of publication.
[8]Internet Archive blames 'environmental factors' for overnight outages
[9]Of course the Internet Archive’s digital lending broke the law, appeals court says
[10]Google flushes cached search results forever
[11]Bank of America app glitch zeroes out people's balances
The two incidents continue an unhappy 2024 for the Internet Archive, which has [12]lost a case regarding its right to lend digital assets, gone offline due to [13]power failures , and endured other [14]disruptive DDoS events. ®
Get our [15]Tech Resources
[1] https://x.com/brewster_kahle/status/1844133492453671192
[2] https://haveibeenpwned.com/PwnedWebsites#InternetArchive
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[4] https://x.com/brewster_kahle/status/1844183111514603812
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2024/07/08/internet_archive_suffers_a_wobble/
[9] https://www.theregister.com/2024/09/05/appeals_court_internet_archive_copyright/
[10] https://www.theregister.com/2024/02/05/google_cache_flushed/
[11] https://www.theregister.com/2024/10/02/bank_of_america_outage/
[12] https://www.theregister.com/2024/09/05/appeals_court_internet_archive_copyright/
[13] https://www.theregister.com/2024/07/08/internet_archive_suffers_a_wobble/
[14] https://www.theregister.com/2024/05/29/ddos_internet_archive/
[15] https://whitepapers.theregister.com/
On Wednesday afternoon US time the outfit’s digital library Brewster Kahle [1]revealed a DDoS attack had made the site unavailable. The Register understand the outage may have lasted up to five hours, during which time visitors saw only a notification of the incident.
While that was happening, data leak notification service haveibeenpwned (HiBP) [2]posted news of a leak that saw 31,081,179 users’ accounts exposed. Register staff received mails from HIBP that state “The breach exposed user records including email addresses, screen names and bcrypt password hashes.”
[3]
Kahle later [4]confirmed the leak , writing that the service has detected “defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.”
[5]
[6]
The org has disabled the JS library, and is “scrubbing systems , upgrading security.”
Kahle offered no detail beyond that but promised to “share more as we know it.”
[7]
It is unclear if the DDoS and breach are linked.
The Register sought comment from the Archive but had not received a response at the time of publication.
[8]Internet Archive blames 'environmental factors' for overnight outages
[9]Of course the Internet Archive’s digital lending broke the law, appeals court says
[10]Google flushes cached search results forever
[11]Bank of America app glitch zeroes out people's balances
The two incidents continue an unhappy 2024 for the Internet Archive, which has [12]lost a case regarding its right to lend digital assets, gone offline due to [13]power failures , and endured other [14]disruptive DDoS events. ®
Get our [15]Tech Resources
[1] https://x.com/brewster_kahle/status/1844133492453671192
[2] https://haveibeenpwned.com/PwnedWebsites#InternetArchive
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[4] https://x.com/brewster_kahle/status/1844183111514603812
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_specialfeatures/cybersecuritymonth&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwdRbjfmiQq7f-id6ODhigAAAQw&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2024/07/08/internet_archive_suffers_a_wobble/
[9] https://www.theregister.com/2024/09/05/appeals_court_internet_archive_copyright/
[10] https://www.theregister.com/2024/02/05/google_cache_flushed/
[11] https://www.theregister.com/2024/10/02/bank_of_america_outage/
[12] https://www.theregister.com/2024/09/05/appeals_court_internet_archive_copyright/
[13] https://www.theregister.com/2024/07/08/internet_archive_suffers_a_wobble/
[14] https://www.theregister.com/2024/05/29/ddos_internet_archive/
[15] https://whitepapers.theregister.com/