The Internet Archive project, which owns The Wayback Machine, suffered a data breach after its website was hacked and its user authentication database was stolen. The stolen database contains 31 million unique records. about this reports BleepingComputer edition.
Information about the hack began to spread after visitors to the Archive.org website saw an alert in the form of a JavaScript module created by hackers. The alert states that the Internet Archive has been hacked and provides a link to the Have I Been Pwned (HIBP) hack reporting service.
According to the report, attackers gained access to the Internet Archive authentication database nine days ago. The database contains authentication information for registered users, including email addresses, aliases, password change timestamps, passwords, and other internal data.
The latest timestamp on the stolen records shows September 28, 2024; This date is probably the date the database was stolen. The database contains 31 million unique email addresses.
Information about compromised accounts will soon be added to HIBP, allowing users to check if they were affected by the breach.
It is unknown how the attackers hacked the Internet Archive or whether any other data was stolen. It is known that before this, the project was subject to a prolonged DDoS attack for which the BlackMeta group claimed responsibility.
Hackers who previously hacked the Russian company Dr.Web stopped work site.