
The Internet Archive has suffered a data breach, exposing sensitive information from approximately 31 million user accounts.
The breach, confirmed late Wednesday by founder Brewster Kahle, involved unauthorized access to the site’s user authentication database.
The Breach: What We Know

The incident came to public attention when visitors to archive.org encountered a JavaScript alert created by the threat actor, mockingly announcing the breach.
The compromised database, a 6.4GB SQL file, contains user authentication information including email addresses, screen names, password change timestamps, and Bcrypt-hashed passwords.
Troy Hunt, founder of the Have I Been Pwned (HIBP) data breach notification service, verified the authenticity of the stolen data.
Let me share more on the chronology of this:
30 Sep: Someone sends me the breach, but I'm travelling and didn't realise the significance
5 Oct: I get a chance to look at it – whoa!
6 Oct: I get in contact with someone at IA and send the data, advising it's our goal to load…
— Troy Hunt (@troyhunt) October 9, 2024
According to Have I Been Pwned, 54% of the compromised accounts were already listed in their database from previous breaches.
The most recent timestamp in the stolen records dates to September 28, 2024, suggesting this may have been when the data was extracted.
Current Status
Kahle confirmed that the organisation has disabled the compromised JavaScript library and is actively working on security improvements.
At the time of writing, the website is live and users can log in.
What to Do If You’re Affected
If you have an Internet Archive account, take these immediate steps to protect yourself:
1. Change Your Password Immediately
- Log into your Internet Archive account and change your password
- Use a strong, unique password not used on any other site
- Consider using a password manager for better security
2. Check Other Accounts
- If you’ve used the same password elsewhere, change those immediately
- Pay special attention to critical accounts (email, banking, social media)
3. Monitor Your Accounts
- Watch for suspicious activity on all your online accounts
- Enable two-factor authentication where available
- Be alert for potential phishing attempts using your exposed email
4. Register with Have I Been Pwned
- Visit haveibeenpwned.com to check if your email was exposed
- Sign up for future breach notifications
- Consider using their password-monitoring service
Protecting Yourself from Future Data Breaches
To minimise risk from future data breaches:
- Use unique passwords for each online account
- Implement a password manager to generate and store complex passwords
- Enable two-factor authentication whenever possible
- Regularly monitor your accounts for suspicious activity
- Consider using disposable email addresses for non-critical services
- Limit the personal information you share online
The Internet Archive has stated they will provide updates as more information becomes available. Users can follow their X (formerly Twitter) account @internetarchive for the latest developments.
This is a developing story and will be updated as new information emerges.