The Internet Archive, known for its invaluable Wayback Machine service that allows users to explore past versions of websites, is currently grappling with a serious assault on its platform. Recently, the site has been the target of a distributed denial of service (DDoS) attack, which has rendered its services either extremely slow or completely unavailable to many users.
In addition to this cyberattack, the Internet Archive has also experienced a significant security breach, resulting in the loss of a database containing information on over 30 million users. Reports from BleepingComputer reveal that a provocative message appeared on the Archive’s homepage, stating: “See 31 million of you on HIBP!” This refers to Have I Been Pwned, a popular service for checking data breaches. The breach allegedly exposed user details, including screen names, email addresses, encrypted passwords, and some incidental data.
A hacktivist group has claimed responsibility for this incident, citing political motivations against the Internet Archive, which is hosted in the U.S. Despite the scale of this breach, the immediate risks appear to be lower than in other similar incidents. The Internet Archive does not offer paid services and does not store critical personal data, and the compromised passwords are hashed, which adds a layer of protection against misuse.
Yet, while the breach raises concerns for affected users, the Internet Archive faces an even graver threat from legitimate sources: ongoing lawsuits from copyright holders. These legal challenges pose a significant risk to the Archive’s ability to operate within the bounds of the law, potentially jeopardizing its mission to preserve digital content for future generations.