The Internet Archive, a non-profit organization renowned for its preservation of digital history through the Wayback Machine, has experienced its third major cyberattack in October 2024. In this recent breach, hackers exploited unrotated API tokens to gain unauthorized access to the Archive’s Zendesk support platform, potentially putting sensitive user data at risk.
This breach comes on the heels of two earlier attacks in the same month, creating a challenging period for the organization that serves as a crucial resource for researchers, historians, and the public. The breach threatens to expose personal identification documents submitted by users in support tickets dating back to 2018.
The primary driver of the October 20 cyberattack appears to be the Internet Archive’s failure to rotate API tokens for its Zendesk system. Despite being aware of previous security vulnerabilities, the organization did not take the necessary steps to secure its API, allowing hackers to exploit these tokens and access the support platform containing sensitive user information.
The compromised data may include personal identification documents and other sensitive information submitted by users seeking assistance with various Archive services. The full extent of the data breach is still being assessed, but the potential for privacy violations is concerning.
In response to the breach, Brewster Kahle, the founder of the Internet Archive, acknowledged the security lapses and highlighted ongoing efforts to enhance security measures. Kahle emphasized the dedication of the organization’s teams in securing the platform and ensuring the safety of user data.
The public has shown support for the Internet Archive during this challenging time, with many expressing solidarity on social media platforms like Twitter. Messages like “We stand with @internetarchive” demonstrate the community’s backing for the organization.
This breach is part of a series of cyberattacks that have targeted the Internet Archive in October. The initial attack on October 9 exposed the personal information of 31 million users, including usernames, email addresses, and encrypted passwords. Subsequent attacks, including a DDoS attack and website defacement, further highlighted vulnerabilities in the Archive’s security infrastructure.
The potential fallout from the breaches includes an increased risk of identity theft and cybercrime for affected users. The Internet Archive’s failure to rotate API tokens and address security vulnerabilities in a timely manner has been a significant factor in the repeated breaches.
In response to these incidents, the Internet Archive has committed to strengthening its security practices, including upgrading systems, rotating API tokens, and conducting thorough security reviews. However, rebuilding trust with users and preventing future breaches will require sustained vigilance and a renewed focus on cybersecurity.
Overall, the Internet Archive’s experiences serve as a cautionary tale for organizations regarding the importance of prioritizing cybersecurity and addressing known vulnerabilities to protect sensitive data and maintain trust with users. The repercussions of security lapses can have far-reaching consequences, as demonstrated by the challenges faced by the Archive in October 2024.