HomeCII/OTThe Internet Archive data breach persists

The Internet Archive data breach persists

Published on

spot_img

The Internet Archive (IA), a nonprofit organization known for its popular digital library site, continues to face cybersecurity challenges following a series of recent attacks. After experiencing DDoS attacks, defacement, and a data breach, it has come to light that some of IA’s IT assets remain compromised, as revealed in an email sent through its Zendesk customer service platform.

The initial wave of attacks began two weeks ago, when pro-Palestinian hacktivists launched DDoS attacks that made the Internet Archive inaccessible. Prior to these attacks, a separate threat actor managed to compromise and extract the organization’s user database, which was then shared with security researcher Troy Hunt of Have I Been Pwned? The attackers even added a JavaScript pop-up to the site to announce their actions before launching the DDoS attacks. These incidents prompted IA to reassess its security practices and focus on restoring its services.

Despite these challenges, the Internet Archive’s Wayback Machine, a repository of archived web pages, was successfully brought back online last week. However, the organization’s troubles were far from over.

On October 18, IA’s founder Brewster Kahle reassured users that the stored data was secure and that various services, including the Wayback Machine, had resumed operations. Kahle emphasized the importance of strengthening their defenses and ensuring the Internet Archive’s resilience in the face of future threats.

Unfortunately, on Sunday, a new setback occurred when users who had previously contacted IA received unsolicited canned responses. It was revealed that a threat actor had exploited an exposed GitLab configuration file on one of IA’s development servers to access sensitive information. This breach allowed the attacker to infiltrate IA’s source code, user database, Zendesk customer support system, and potentially more.

Despite these challenges, there are some positive aspects to consider. Firstly, it appears that the threat actor’s motives were not malicious but rather aimed at highlighting IA’s security vulnerabilities. Additionally, the incident may raise awareness about the importance of the Internet Archive’s preservation efforts, potentially leading to increased support from donors and volunteers.

As of now, the Internet Archive has not publicly commented on the latest breach. However, it is evident that the organization is facing an uphill battle to secure its IT assets and protect the valuable data it houses. Moving forward, IA will need to implement robust security measures and remain vigilant against future cyber threats to maintain the integrity of its digital library.

Source link

Latest articles

Atrium Health to Pay $1.8 Million to Settle Web Tracker Lawsuit

Atrium Health Settles Class Action Lawsuit for $1.8 Million Over Web Tracking Practices In a...

Registration Now Open for International Cyber Expo 2026

International Cyber Expo 2026: A Premier Gathering for Cybersecurity Professionals Registration has officially opened for...

NCSC Promotes National Scale AI-Powered Cyber Shield for Defense

The United Kingdom's foremost cybersecurity agency has unveiled plans for an ambitious national initiative...

UK Cyber Resilience Pledge Welcomes 60 New Signatories

The UK government has initiated a significant step towards enhancing cybersecurity across the nation's...

More like this

Atrium Health to Pay $1.8 Million to Settle Web Tracker Lawsuit

Atrium Health Settles Class Action Lawsuit for $1.8 Million Over Web Tracking Practices In a...

Registration Now Open for International Cyber Expo 2026

International Cyber Expo 2026: A Premier Gathering for Cybersecurity Professionals Registration has officially opened for...

NCSC Promotes National Scale AI-Powered Cyber Shield for Defense

The United Kingdom's foremost cybersecurity agency has unveiled plans for an ambitious national initiative...