The Internet Archive, known for its “Wayback Machine,” has experienced a major data breach. Hackers managed to break into the website and steal a database containing information on 31 million users.
The news spread quickly on Wednesday when visitors to archive.org saw a message from the hacker through a pop-up. The message claimed that the Internet Archive had been compromised and that data from 31 million users would soon be available on “Have I Been Pwned” (HIBP). HIBP is a popular service where people can check if their personal information has been exposed in data breaches.
Troy Hunt, the creator of HIBP, confirmed that the stolen data was sent to him. The stolen file, about 6.4GB in size, contains information like email addresses, usernames, and passwords stored as bcrypt hashes, along with other internal details. The most recent data in the file is from September 28, 2024, which is likely when the breach occurred.
There are 31 million unique email addresses in the file, and many of these users are already signed up for HIBP notifications. Soon, anyone will be able to use HIBP to check whether their data was part of this breach.
Hunt confirmed the data’s authenticity by reaching out to people listed in the database. One cybersecurity researcher, Scott Helme, allowed his exposed record to be shared. Helme confirmed that the stolen information, including his hashed password and the time of his last password change, matched what he had stored in his password manager.
It’s still unclear how the hackers got into the system or if any other data was stolen. To make matters worse, the Internet Archive was also hit by a DDoS attack, which was claimed by a hacktivist group called BlackMeta. They have threatened more attacks in the near future.