Hackers have again created havoc with the Internet Archive and its Wayback Machine, just one day after the site reported it had been restored. While Archive-It and the Internet Archive blog are still up, currently, the rest of IA’s services are seemingly unavailable.
That means if you’re an avid user of the digital library, expect the platform to be down until further notice. It’s frustrating, and unfortunately, we don’t have any details about when the website will be back up.
The Fourth Outage This Month
Many consider the Internet Archive’s Wayback Machine to be an important historical resource. Its libraries contain valuable data regarding the internet’s past, including previous versions of websites.
This is the fourth time since the start of the month that cyberattacks have disabled the site. But the trouble initially started a bit earlier. On October 11th, we reported a data breach in late September that had compromised personal details for over 31 million accounts. The breach allowed hackers to gain access to screen names, emails, and encrypted passwords.
Additionally, a DDoS attack on October 9th brought archive.org offline. Beginning that evening, users who logged into the site received a strange pop-up that stated:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP.” The acronym referencing “Have I Been Pwned,” a site that informs users when data breaches occur.
The group responsible for the October 9th attack claimed political motives. However, social media comments were quick to note that the Internet Archive is a 503c non-profit that has no governmental affiliation.
A second and third breach over the last two weeks allowed a cybercriminal to break into Archive’s Zendesk support system. In a bold move, the malcontent even fielded requests from folks attempting to get support from the Internet Archive.
One of those requests was an email from Mashable staff. On Sunday, Mashable received a response written by the previous hacker, to an email sent through IA’s Zendesk support system. The reply implied the motivation for the attack was due to a failure of the Internet Archive to rotate certain API keys. Mashable also reported the attacker claimed to have access to over 800,000 support tickets going back as far as 2018.
Today’s attack has again brought archive.org to its knees. Yet, it’s unclear who is responsible, or the nature of their motives. Still, the shutdown is another blow to a site recently pummeled by a slew of keyboard criminals.
Should I Be Concerned?
As we stated in our first report, there’s no sign that this attack will create individual issues. But, if you maintain an account on archive.org, you might want to take appropriate security measures just to be safe. Especially if you’re a person who is particularly anxious about your data. There’s no indication, however, that this attack was performed with the intent of stealing additional data from users. At this point, it seems the main goal was only to bring archive.org offline.
