The Internet Archive hacked: info from 31 million accounts leaked

data breach

Hackers penetrated The Internet Archive Wednesday afternoon. They leaked numerous data including e-mail addresses, names and encrypted passwords.

Hackers have made off with data from 31 million accounts of The Internet Archive. This was evident from a notification that appeared on the site, which stated that that data was going to appear on the website Have I Been Pwned. Meanwhile, founder Brewster Kahle announced in a post on X that The Internet Archive’s Wayback Machine has resumed in a “read-only” fashion. The option to save pages via ‘Save Page Now’ is not yet operational.

Senseless cyber attack

The notification was set via a JavaScript framework after The Internet Archive was hit by a DDoS attack. Unlike the cyber attack on Duvel Moortgat earlier this year, the hackers did not demand a ransom in this case. An employee of Have I Been Pwned confirmed to Bleeping Computer that he had obtained a file containing e-mail addresses, names, encrypted passwords and other internal data from 31 million unique accounts. Upon verification, that data was effectively found to be valid.

The so-called X-account SN_Blackmeta claims the cyber attack and claims another one is planned for today. “According to their X-account, they are just doing it because they can. No explanation, no reason, no demands,” said an archivist at The Internet Archive. The site increased its security after this leak, The Verge knows.

Have I Been Pwned is a free database where people can check if their data is involved in a breach or if their account has been hacked and their data leaked by cybercriminals. The company revealed via X that 54 percent of accounts were already involved in previous breaches.

Back online

Founder Brewster Kahle announced via a post on X that The Internet Archive’s Wayback Machine is currently resumed in a “read-only” fashion. Furthermore, the Save Page Now feature has not yet been made available. According to Kahle, the site may have to go back offline for maintenance.

This article originally appeared on Thursday, Oct. 10. It has been updated with the latest information.