Internet Archive breached twice within days



Hours later, Brewster Kahle, group chairman at the Internet Archive confirmed the attack on X. “Sorry, but DDOS folks are back and knocked http://archive.org and http://openlibrary.org offline,” he said in the post. “@internetarchive is being cautious and prioritizing keeping data safe at the expense of service availability.”

In a follow-up post, however, Kahle said “DDoS fended-off for now.” It was done, he clarified, by disabling the affected JS library, scrubbing systems, and upgrading security.

Failed rotation led to the second hack

In the emails that users received on Sunday, the threat actor said the stolen tokens could still be used since Internet Archive has still not rotated them. This included “a ZenDesk token with permissions to access 800k+ support tickets sent to info@archive.org since 2018.”

Recent Articles

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here