Internet Archive Faces Yet Another Data Breach. Here’s What Happened

This month alone, the Internet Archive has experienced 3 cyberattacks, and the latest breach happened just over the weekend, on the 20th. Hackers gained access to the Archive’s Zendesk platform using unrotated API tokens, exposing user data stored in support tickets.

The first attack on October 9 involved hackers exploiting a GitLab token that had been publicly exposed since 2022. This allowed them to steal source code, along with sensitive information belonging to 31 million users. The mid-October attack also targeted the Zendesk platform, where hackers exploited the same unrotated tokens. The data stolen includes support requests going back to 2018, some containing personal identification documents.

 

How Did Hackers Gain Access To Sensitive Information?

 

Hackers used unrotated tokens (digital keys that grant access to systems) to breach the Internet Archive’s platforms. During the October 9 breach, they exploited a GitLab token, which then gave them entry to the Archive’s development environment and user database. This exposed email addresses, hashed passwords, and other user details.

The tokens should have been replaced after the initial breach, but this did not happen. Hackers exploited the same vulnerability in mid-October to gain access to Zendesk, where they retrieved thousands of support tickets. These tickets included personal documents, making the breach even more serious.

The problem continued into the October 20 breach, showing that the Archive’s systems were not properly secured. Experts have pointed to the incidents as an example of why token management is important: unrotated keys allowed attackers to repeatedly access sensitive information across multiple attacks.
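A post-incident rotation check of the kind this section implies, as an added example that is not from the article or the Internet Archive. The inventory, token names, dates and the 90-day maximum age are all constructed assumptions; the point is that any secret minted before the incident and stored on, or granting access to, a compromised system is treated as stolen until it is reissued.

```python
"""Post-incident token rotation audit (added example; all data is constructed)."""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Token:
    name: str             # hypothetical inventory label
    system: str           # service the token grants access to
    issued: date          # when the current secret value was minted
    stored_in: frozenset  # systems that hold a copy of the secret


def audit(tokens, compromised, incident, today, max_age=timedelta(days=90)):
    """Return {token name: [reasons]} for every token that must be rotated."""
    findings = {}
    for t in tokens:
        reasons = []
        # Exposure is transitive: a Zendesk key kept in a breached code
        # repository is as exposed as the repository's own token.
        reachable = t.system in compromised or bool(t.stored_in & compromised)
        if reachable and t.issued <= incident:
            reasons.append("predates incident and was reachable from a compromised system")
        if today - t.issued > max_age:  # assumed policy, not from the article
            reasons.append(f"older than {max_age.days}-day rotation policy")
        if reasons:
            findings[t.name] = reasons
    return findings


# Constructed sample inventory, loosely modelled on the scenario above.
INCIDENT, TODAY = date(2024, 10, 9), date(2024, 10, 20)
COMPROMISED = frozenset({"gitlab"})
INVENTORY = [
    Token("gitlab-deploy", "gitlab", date(2022, 12, 1), frozenset({"gitlab"})),
    Token("zendesk-api", "zendesk", date(2023, 3, 15), frozenset({"gitlab"})),
    Token("mail-relay", "smtp", date(2024, 10, 10), frozenset({"vault"})),
    Token("backup-store", "s3", date(2024, 5, 1), frozenset({"vault"})),
]

if __name__ == "__main__":
    for name, reasons in audit(INVENTORY, COMPROMISED, INCIDENT, TODAY).items():
        print(f"ROTATE {name}: " + "; ".join(reasons))
```
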

 

 

Why Was The Internet Archive A Target?

 

The motivation behind these attacks seems to be about reputation, rather than finances. In hacker communities, gaining access to prominent organisations is seen as a way to build status. The Internet Archive, a well-known platform with a large collection of digital materials, became an appealing target.

The Archive holds billions of web pages, videos, books, and historical content, which makes it culturally important. Although no ransom demands were made, the attack still gave hackers credibility within underground networks. The stolen data may be circulated among other groups, posing additional risks.

 

What Did The Founder Say?

 

Brewster Kahle, founder of the Internet Archive, acknowledged the breaches and reassured users that the Archive is working on improving its security. Public support for the Internet Archive also grew after the attacks, with users showing solidarity through social media. Posts with the message “I stand with @internetarchive” spread across platforms, showing appreciation for the Archive’s mission to preserve digital history.

The Archive will be reviewing its security practices and doing what it can to prevent more breaches. Cybersecurity experts. Users should also stay alert and protect their personal data while the Archive works on fixing its security issues.

Users whose data was compromised may face phishing attacks, as hackers could use the stolen information to create convincing fake emails. These emails might ask for login credentials or personal details, putting users at risk of further identity theft.

Security experts recommend that all affected users change their passwords and be alert for phishing attempts. Hackers may try to exploit the stolen data to gain access to other platforms, using personalised emails that appear legitimate.