The Internet Archive suffered a massive data breach at the popular Wayback Machine, where a user authentication database with 31 million unique records was stolen. This is a major problem for anyone with an account on this popular site.
The hackers created a JavaScript message alert claiming that they had stolen user data and that it would appear on Have I Been Pwned (HIBP). The message stated: “Have you ever felt that the Internet Archive is running on a stick and is always on the verge of a catastrophic security breach? Well, that just happened, and we'll see you at HIBP in 31 million!”
As for the data the hackers obtained, HIBP creator Troy Hunt told BleepingComputer that Internet Archive users' email addresses, screen names, password change timestamps, bcrypt-hashed passwords, and other internal data were contained in a large 64 GB SQL file named “ia_users.sql”.
The latest timestamp on the data is September 28, 2024, which appears to be the date the hackers obtained the data.
If you are wondering if your information was stolen, it will be added to HIBP in the near future. You can enter your email address on this site to see if you are among the 31 million people affected by this breach (or other hacks).
Interestingly, security researcher Scott Helme actually allowed BleepingComputer to publish his entry in the hacked database. Here's what it says:
9887370, internetarchive@scotthelmecouk,$2a$10$Bho2e2ptPnFRJyJKIn5BiehIDiEwhjfMZFVRM9fRCarKXkemA3PxuScottHelme, 2020-06-25,2020-06-25,internetarchive@scotthelmecouk,2020-06-25 13:22:527608520, \N0NN@scotthelmeNNN
According to Helme, the bcrypt-hashed password in this record matched the bcrypt-hashed password in his password manager, and the timestamp on the database record matched the date he last changed his password.
For his part, Brewster Kahle, founder of the Internet Archive, posted on X about the situation. Kahle wrote, “What we know: we had a DDOS attack and so far it has been repelled; the website has been defaced via JS library; and username/email/salted encrypted password has been compromised.”
Kahle also spoke about what the company did to address the problem: “What we did: disable the JS library, scrub the system, upgrade security.”
From this information, it appears that the Internet Archive is facing a data breach and a DDoS attack simultaneously, although the two attacks are not related.
If this data breach affects you, the first thing you should do is change your password so that a malicious person cannot break into your Internet Archive account. If you are using the same password for other services (which is not recommended), we recommend that you also change the passwords for any other services that use that password.
Even though the hack did not involve payment information or Social Security numbers, you still want to check out the best identity theft protection services to ensure that your name is protected.