The Internet Archive, a cornerstone resource for preserving web history through its Wayback Machine, is currently navigating turbulent waters following a significant attack on its systems. Recently, the site suffered a distributed denial of service (DDoS) attack, severely impacting its availability, with many users experiencing extremely slow load times or total outages.
Compounding this issue, the Internet Archive has reportedly lost a database containing sensitive information on over 30 million users. According to reports from BleepingComputer, a pop-up message appeared on the main page of the Internet Archive, mockingly stating: “See 31 million of you on HIBP!” This message references Have I Been Pwned (HIBP), a well-known site that catalogs data breaches and allows users to check if their information has been compromised. The breach includes critical user details such as screen names, email addresses, and encrypted passwords, raising concerns among those affected.
A hacktivist group has claimed responsibility for this breach, alleging political motives tied to grievances against the American-hosted Internet Archive. While the implications of this data breach are concerning for users, the immediate risk appears somewhat mitigated. The Internet Archive does not provide paid services or hold critical personal information, and the compromised passwords are encrypted, which lessens the risk of immediate harm compared to other data breaches.
However, the Internet Archive is facing an existential challenge from a different direction: legal actions from copyright holders. These lawsuits threaten the very foundation of its operations and could have long-lasting implications for its mission to archive and preserve digital history.