HomeCII/OTInternet Archive Suffers a Defeat in Round 2 Breach.

Internet Archive Suffers a Defeat in Round 2 Breach.

Published on

spot_img

The Internet Archive, a digital library website, is once again facing trouble just days after recovering from a data breach and distributed denial-of-service (DDoS) attacks that temporarily took it offline. This time, unknown bad actors have reportedly obtained access tokens to the archive’s Zendesk implementation, allowing them to send a mass email to users who interacted with the platform.

In the email, the hackers criticized the Internet Archive for not rotating API keys exposed in their GitLab secrets, including a Zendesk token with permissions to access over 800,000 support tickets dating back to 2018. The hackers claimed that users’ data is now in the hands of unauthorized individuals, raising concerns about privacy and security breaches.

Chris Hickman, the chief security officer of Keyfactor, suggested that the hackers may not have malicious intent but are trying to highlight the importance of proactive security measures. He emphasized the risks of not regularly rotating tokens, which can lead to unauthorized access, service disruptions, and damage to a company’s reputation.

Despite the breach, the Internet Archive has not issued any public statements. However, the organization recently appealed for donations to support its mission of providing open access to knowledge resources. This latest incident underscores the ongoing challenges of cybersecurity and the need for vigilance in protecting sensitive information online.

As the Internet Archive works to address this latest breach, users are reminded to exercise caution when sharing personal information online and to remain vigilant against potential threats. By staying informed about cybersecurity best practices and taking proactive steps to secure their data, individuals can help mitigate the risks of cyber attacks and safeguard their online privacy.

Source link

Latest articles

UK Cyber Resilience Pledge Welcomes 60 New Signatories

The UK government has initiated a significant step towards enhancing cybersecurity across the nation's...

Court Filing Discloses How Windows Device ID Aided FBI in Tracking Alleged Scattered Spider Hacker

Federal Complaint Links Alleged Scattered Spider Hacker to High-Profile Jewelry Retailer Breach U.S. prosecutors have...

13 High-Paying IT Security Certifications to Consider

OffSec: Elevating Skills in Offensive Security with OSEP and OSEE Certifications In today’s rapidly evolving...

China-Aligned UNK_MassTraction Targets Universities by Exploiting Roundcube Servers

China-Aligned Cyber Threat: UNK_MassTraction Exploits Security Flaws in North American Universities A newly identified cyber...

More like this

UK Cyber Resilience Pledge Welcomes 60 New Signatories

The UK government has initiated a significant step towards enhancing cybersecurity across the nation's...

Court Filing Discloses How Windows Device ID Aided FBI in Tracking Alleged Scattered Spider Hacker

Federal Complaint Links Alleged Scattered Spider Hacker to High-Profile Jewelry Retailer Breach U.S. prosecutors have...

13 High-Paying IT Security Certifications to Consider

OffSec: Elevating Skills in Offensive Security with OSEP and OSEE Certifications In today’s rapidly evolving...