The Internet Archive was recently the victim of a data breach that exposed information of 31 million users, including usernames and email addresses. The group SN_Blackmeta has claimed responsibility for a concurrent DDoS attack that took the site offline. The party behind the data breach remains unidentified.
The nonprofit Internet Archive is crucial in preserving web content, operating the popular Wayback Machine that allows visitors to view historic versions of websites.
The cause of the data breach remains unclear, with speculation in the information security community suggesting that credentials for the Internet Archive’s servers may have been discovered in the logs of “information stealer” malware.
For more than a decade, Internet Archive has been inadvertently exposing the email addresses of users who uploaded files to its library. Despite claims of not sharing uploader email addresses, the metadata file generated upon upload includes the uploader’s email address.
Users have raised concerns about the visibility of email addresses on Internet Archive’s site for years, with no action taken by the Archive to address the issue.
It is important for users to use unique and random passwords for each account to mitigate the impact of potential breaches. Setting up unique usernames and email addresses for online accounts can further enhance security.
