9mo ago

The internet archive may have just suffered a security breach

eepy.moe

Julia :v_trans: :v_bi: (@julia)

Per their error message, "See 31 million of you on HIBP!"

If anyone can provide a slightly more up-to-date souce (their X post, for example) I'd appreciate it

Hacker News post: https://news.ycombinator.com/item?id=41792500

34 comments

Of all the things to target, did they really have to go for the IA - the organisation that literally got into trouble with the man for helping children get access to books during the pandemic.
Does this hacker kick puppies and steal sweets from babies too?
- Hacker is probably funded by corporate book sellers who want IA shut down.
  
  According to the article some org called SN_blackmeta claimed and a Google search seems to suggest they are a pro Palestinian group based out of Russia with makes zero sense so I’m gonna go with random Russian cunts are doing it, but you might be right as well with corpos mad about IA Edit: the article -> https://www.theverge.com/2024/10/9/24266419/internet-archive-ddos-attack-pop-up-message
  
  i'm gonna go with china, russia, or 'middle eastern' (of some sort), butthurt over availability of certain user-uploaded content.
- probably deploys ransomware to children's hospitals
- I genuinely don't know... there doesn't seem to be any ongoing discussion of who or why are these people targeting IA. There are other people who are trying to rescue data stored on IA
  Hope this would be over soon...
- Most attacks aren't targeted. They hit anyone they can.
  
  Brother this message is very targeted.
  
  Yeah, I've see people speculating that it could be some corporate hit-job on behalf of book publishers, and I get it, that exotic possibility is attractive, but reality is usually much more mundane. It's likely to just be some randos doing it for the lulz and IA was vulnerable for whatever reason. Book publishers have sadly been enjoying plenty of success in court against IA. They don't need to get their hands dirty.
They were right
- Yeah I got it too, it sucks
Digging deeper into the comments it seems someone found the message was from a compromised polyfill code that was running on IA. Now the website is down from a ddos. From what I can see there's no reason to believe their servers and the data therein have been compromised.
- I did get an email from HIBP so at the very least they got my email
Corpos getting mad Internet Archive backdoors their copywrong.
There's no "may" about it. The Ars Technica article indicates that the Internet Archive's front page was (briefly) altered in addition to the account data being stolen.
The Internet Archive is being DDOSed for the lulz.
https://mastodon.archive.org/@textfiles/113279179271574005
Why do we have to sign up to every fucking thing and it's brother? Everything gets hacked eventually. Why don't we just hand over our data to the hackers and cut out the middle man?
- If you have a point to make, it's alluded me.
This is sad. The Internet Archive and Wikipedia are two pillars for the web, the only big websites that are not controlled by big corporations.
Ah great I made an account on there recently too
Hopefully i didn't had an account

34 comments