Yes, IA founder Brewster Kahle has disclosed the hack. - Alex
On Oct 9, 2024, at 9:08 PM, Tim Gladding via vcf-midatlantic <vcf-midatlantic@lists.vcfed.org> wrote:
Oh no! My unique 12 character username and unique 40 character password has been stolen!
Are IA even admitting to this? I don't see anything on their site warning users, and there is no prompt to change my now compromised password.
Seems like there is a separate issue of the site being DDoS'd. What a waste of time that must be.
On Wed, Oct 9, 2024 at 8:18 PM Christian Liendo via vcf-midatlantic < vcf-midatlantic@lists.vcfed.org> wrote:
A lot of us have logged into that site
https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-...
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.
"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!," reads a JavaScript alert shown on the compromised archive.org site.
The text "HIBP" refers to is the Have I Been Pwned data breach notification service created by Troy Hunt, with whom threat actors commonly share stolen data to be added to the service.
Hunt told BleepingComputer that the threat actor shared the Internet Archive's authentication database nine days ago and it is a 6.4GB SQL file named "ia_users.sql." The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.
The most recent timestamp on the stolen records was ta is September 28th, 2024, likely when the database was stolen.
Hunt says there are 31 million unique email addresses in the database, with many subscribed to the HIBP data breach notification service. The data will soon be added to HIBP, allowing users to enter their email and confirm if their data was exposed in this breach.
The data was confirmed to be real after Hunt contacted users listed in the databases, including cybersecurity researcher Scott Helme, who permitted BleepingComputer to share his exposed record.