WASHINGTON: The Internet Archive, an online repository of web pages, was offline on Thursday (Oct 10) after its founder confirmed a major cyberattack that exposed the data of millions of users and left the site defaced.
The assault on the San Francisco-based nonprofit, claimed by a shadowy group that experts described as a pro-Palestinian “hacktivist”, lays bare the perils of cybersecurity breaches ahead of the Nov 5 US presidential election.
Brewster Kahle, the Internet Archive’s founder and digital librarian, acknowledged a series of distributed denial-of-service (DDoS) attacks – aimed at disrupting a website or server – since Tuesday and said the organisation was working to upgrade security.
The assault led to the “defacement of our website” and a breach of usernames, emails and passwords, Kahle wrote on X, formerly Twitter, late Wednesday.
In a new post early on Thursday, Kahle said the attackers had returned, knocking down both the Internet Archive’s main site and its “Open Library”, an open source catalogue of digitised books.
The Internet Archive’s data “has not been corrupted”, he wrote in a subsequent post.
“We are working to restore services as quickly and safely as possible,” he added.
On Wednesday, users reported a pop-up message claiming the site had been hacked and the data of 31 million accounts breached.
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?” said the pop-up, apparently posted by the hackers.
“It just happened. See 31 million of you on HIBP!”
HIBP refers to site called “Have I been Pwned”,a site that allows users to check whether their emails and passwords have been leaked in data breaches.
In another post on X, HIBP confirmed that 31 million records from the Internet Archive had been stolen, including email addresses, screen names and passwords.
