Cybercriminals have stolen the login information of 31 million users of the digital library, the world's web memory.

A pop-up window announcing a data breach appeared on the homepage of the Internet Archive website on October 9, 2024. Cybercriminals claimed to have stolen login information belonging to 31 million users of this digital library, which preserves the content of the global web.

The stolen data includes email addresses, usernames, some passwords hashed with the Bcrypt algorithm, and a schedule of password changes. Brewster Kahle, the founder of the Internet Archive, confirmed the breach and stated that it originated from a vulnerable JavaScript library, which has since been disabled.

The Internet Archive was also the target of several DDoS attacks on October 9 and 10, 2024, claimed by the hacktivist group SN_BlackMeta. These attacks took several of the foundation’s domains offline, though no link has been established between the two incidents. Neither SN_BlackMeta nor any other cybercriminal group has claimed responsibility for the data theft.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.