The Internet Archive has suffered another data breach, where a threat actor gained access to email addresses from users who submitted support requests. The hackers demonstrated the breach by replying to Zendesk support tickets, claiming they had access to over 800,000 support tickets since 2018. This includes sensitive information such as email addresses and potentially encrypted passwords from users who requested removal from the Wayback Machine or sought general assistance.
The message from the attackers criticized the Internet Archive for failing to rotate exposed API keys, despite being notified of the breach weeks ago. This breach follows recent cybersecurity incidents, including a distributed denial-of-service (DDoS) attack and a prior breach compromising 31 million unique user records.
Users affected by this breach can verify if their information was exposed by using the Have I Been Pwned website.
Currently, the Internet Archive is partially operational, with only certain services like the Wayback Machine and Archive-It.org accessible. According to the latest update on October 17, the site remains in read-only mode as the team works to enhance security measures. The Internet Archive has stated that they are taking a cautious approach to strengthen their defenses before full restoration.
