HomeTechHack on Wayback Machine exposes 31,000,000 people's details

Hack on Wayback Machine exposes 31,000,000 people’s details

Date:

Related stories

Beautiful European ski resort which has been named the best in the world

A beautiful skiing resort in Europe has been named...

UK Pizza Hut to raise funds after Budget tax hikes

The operator of Pizza's Hut restaurants in the UK...

Unlikely city hailed best value Christmas market – boasting FREE festive train

In any discussion of Europe's best Christmas markets, the...

Trump picks oil fracking CEO as his choice for energy secretary – cabinet updates

Rhian Lubin16 November 2024 21:20ICYMI: Woman testified to House...
spot_imgspot_img

The Wayback Machine became the target of hackers (Picture: Getty Images)

Hackers have launched a cyberattack on the Internet’s history weeks before Kamala Harris and Donald Trump will face off in the US presidential election.

The Internet Archive, a non-profit which operates the Wayback Machine, became the target of a data breach on Thursday.

Details of at least 31 million people were compromised as a result, including their email addresses, screen names and passwords.

An account on X under the name SN_BlackMeta has claimed responsibility for the attack and implied that further action is planned.

The Internet Archive is known for its digital library and the Wayback Machine.

The first clue that something had gone wrong came from the service itself as the display of a JavaScript alert popped up for visitors to the archive.org site.

It read: ‘Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?

‘It just happened. See 31 million of you on HIBP!’

The breach was accompanied by a series of Distributed Denial-of-Service (DDoS) attacks that temporarily took down the organisation’s website, archive.org.

The Internet Archive services are still offline, including Wayback Machine which is also inaccessible right now.

Troy Hunt, the founder of the Have I Been Pwned data breach notification service referenced in the hacker’s note, told Bleeping Computer, that the threat actor had shared a 6.4GB database with them some days ago.

It contains authentication information for registered members, including emails, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.

It was hours later that the Internet Archive finally confirmed the incident.

Brewster Kahle, digital librarian at the organisation, posted on X: ‘What we know: DDoS attack – fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.

‘What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.’

In an update late last night, he apologised for the disruption, but said that data has not been corrupted.

‘Services are currently stopped to upgrade internal systems. We are working to restore services as quickly and safely as possible,’ he added.

Get in touch with our news team by emailing us at webnews@metro.co.uk.

For more stories like this, check our news page.

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

spot_img