This month alone, the Internet Archive has experienced 3 cyberattacks, and the latest breach happened just over the weekend, on the 20th. Hackers were able to get access to the Archive鈥檚 Zendesk platform using unrotated API tokens, exposing user data stored in support tickets.
The first attack on October 9 involved hackers exploiting a GitLab token that had been publicly exposed since 2022. This allowed them to steal source code and sensitive information from 31 million users. The mid-October attack also targeted the Zendesk platform, where hackers exploited the same unrotated tokens. The data stolen includes support requests going back to 2018, some containing personal identification documents.
听
How Did Hackers Gain Access To Sensitive Information?
听
Hackers used unrotated tokens鈥 digital keys that grant access to systems鈥 to breach the Internet Archive鈥檚 platforms. During the October 9 breach, they exploited a GitLab token, which then gave them entry to the Archive鈥檚 development environment and user database. This exposed email addresses, hashed passwords, and other user details.
The tokens should have been replaced after the initial breach, but this did not happen. Hackers exploited the same vulnerability in mid-October to gain access to Zendesk, where they retrieved thousands of support tickets. These tickets included personal documents, making the breach even more serious.
The problem continued into the October 20 breach, showing that the Archive鈥檚 systems were not properly secured. Experts have shared why token management is important, as unrotated keys allowed attackers to repeatedly access sensitive information across multiple attacks.
听
More from News
- From Workouts To Managing Jetlag: The British Tech Scale-Up That Just Hit One Million Users Globally Appoints New CEO
- Hackers Tricked Instagram鈥檚 AI To Leak Your Log In Details 鈥 How Can Users Stay Protected?
- New Research Reveals The UK鈥檚 Top 10 鈥淔uture-Ready鈥 Cities
- New Research Shows How Elections Are Impacting The Job Market 鈥 Here鈥檚 How
- Is London Becoming The World鈥檚 Next AI Capital?
- Google鈥檚 AI Can鈥檛 Even Spell 鈥淕oogle鈥 鈥 So Why Is It Replacing Search?
- Will AI Labels Actually Save YouTube From AI Slop?
- The Rise Of 鈥淣ew Brand鈥 Cybercrime Groups And The Business Of Ransomware
听
Why Was The Internet Archive A Target?
听
The motivation behind these attacks seems to be about reputation, rather than finances. In hacker communities, gaining access to prominent organisations is seen as a way to build status. The Internet Archive, a well-known platform with a large collection of digital materials, became an appealing target.
The Archive holds billions of web pages, videos, books, and historical content, which makes it culturally important. Although no ransom demands were made, the attack still gave hackers credibility within underground networks. The stolen data may be circulated among other groups, posing additional risks.
听
What Did The Founder Say?
听
Brewster Kahle, founder of the Internet Archive, acknowledged the breaches and reassured users that they are working on bettering their security. Public support for the Internet Archive also started to go up after the attacks, with users showing solidarity through social media. Posts with the message 鈥淚 stand with @internetarchive鈥 spread across platforms, showing appreciation for the Archive鈥檚 mission to preserve digital history.
The Archive will be reviewing its security practices and do what they can to prevent more breaches. Cybersecurity experts. Users should also stay alert and protect their personal data while the Archive works on fixing its security issues.
Users whose data was compromised may face phishing attacks, as hackers could use the stolen information to create convincing fake emails. These emails might ask for login credentials or personal details, putting users at risk of further identity theft.
Security experts recommend that all affected users change their passwords and be alert for phishing attempts. Hackers may try to exploit the stolen data to gain access to other platforms, using personalised emails that appear legitimate.
