Skip to main content

The Wayback Machine has been hacked, and the internet isn’t happy about it

A person using a laptop with a set of code seen on the display.
Sora Shimazaki / Pexels

The Internet Archive is the type of target you’d hope never gets exposed. The organization’s Wayback Machine is a digital archive of the internet, and thus, contains an absolute goldmine of data. Yet, here we are. Data breaches and hacks happen all the time, but I’ve never seen so much vitriol toward the hackers on Twitter and Reddit than with this incident. People are already comparing it to the burning of the library of Alexandria.

So, what happened? The situation is ongoing, but here’s what we know right now, starting with the data breach. Hacking group SN_Blackmeta allegedly stole 31 million emails, passwords, and usernames from the Internet Archive’s Wayback Machine in an attack that likely occurred on September 28, 2024, according to Bleeping Computer reports.

Recommended Videos

Users discovered the breach when the following pop-up message was displayed using a JavaScript library: “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!.”

The breach was confirmed when Troy Hunt, the creator of Have I Been Pwned, told Bleeping Computer that the hackers shared the Internet Archives’ authentication database nine days ago. The database is a 6.4GB SQL file called “ia_users.sql.”

Other data stolen include Bcrypt-hashed passwords, password change time stamps, and other internal data. The latest time stamp gave the September date as the breach date. The stolen data should be added to the HIBP site so users can check if their data is compromised. So far, there is no official information on how the hackers stole the information or if any other data was compromised.

Separately, the Internet Archive owner, Brewster Khale, also confirmed a DDoS attack that brought the site down. A Distributed Denial of Service (DDoS) attack floods a website with malicious traffic to slow it or shut it down completely. According to Kahle, the first DDoS attack appears to have happened on October 8, taking archive.org down, only to have the same attack repeated on October 10.

What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.

What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.

Will share more as we know it.

— Brewster Kahle (@brewster_kahle) October 10, 2024

The hackers have reportedly confirmed that this is not the only attack they will perform since they have confirmed additional attacks. To sum it up, the site is experiencing two types of attacks: DDoS and data breach, but right now, the two haven’t officially been linked.

The last official update from the Internet Archive was from early this morning, and archive.org remains down.

Judy Sanhz
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
No, Intel isn’t blaming motherboard makers for instability issues
Intel's 14900K CPU socketed in a motherboard.

Over the past few days, there's been a firestorm online regarding a statement Intel made on the wave of instability issues facing high-end Intel CPUs. The original statement, which was shared with Igor's Lab and others, appears like Intel wiping its hands clean of the problem and placing blame on motherboard vendors, and several media outlets have ran with that exact story. That's not exactly what's going on.

In statements shared with both Tom's Hardware and AnandTech, Intel specifically says it doesn't intended to "ascribe blame to Intel's partners." Currently, it seems that some BIOS adjustments can fix the instability problems on high-end Intel CPUs, but the investigation with Intel and its motherboard partners is still ongoing. Here's the statement in full:

Read more
How to tell if your webcam has been hacked
Razer webcam sitting on top of a monitor.

Having your webcam hacked is a terrifying prospect for many -- and a good reason to use a dedicated webcam cover. Not only does it represent an incredible invasion of privacy, but it has the potential to grab biometric data and other personal information that could be used to further expose you and steal your identity.

Often a hacked webcam is just part of a comprehensive malware assault, though, so protecting yourself against it involves having some of the best antivirus protection you can, while keeping your system updated. Even with robust protections in place, though, you should always keep an eye out for the tell-tale signs of a hacked webcam. Here's what to look out for.
The light on your webcam turns on at strange times

Read more
This might be why AMD’s FSR 3 isn’t picking up momentum
Combat in the game Nightingale.

AMD's platform-agnostic FSR 3 is a great feature, but months after releasing, it's only available in a small list of titles. Now, we might finally have a clue as to why.

Developers of the upcoming open world survival game Nightingale posted a development update stating that it was removing FSR 3 due to crashes. "After reviewing crash data from the Server Stress Test, a significant number of them seemed to point to FSR3 integrations, whether or not users had the setting turned on," a prelaunch update post reads.

Read more