The Internet Archive and Indian health insurance provider Star Health have recently come under scrutiny following significant data breaches. The Internet Archive disclosed a breach that compromised a user authentication database containing 31 million distinct email addresses, potentially affecting many registered users. The breach was reportedly executed by a malicious actor who accessed a 6.4GB SQL file titled 'ia_users.sql' that includes sensitive user information such as Bcrypt-hashed passwords and timestamps for password changes. The incident was brought to light when users encountered a JavaScript alert on the archive.org site, indicating the breach. Cybersecurity expert Troy Hunt confirmed the authenticity of the compromised data and has initiated a disclosure process with the Internet Archive, which remains unresponsive. Additionally, the Internet Archive is facing a DDoS attack attributed to the BlackMeta hacktivist group.
In a separate incident, Star Health has acknowledged a cyber attack that led to the exposure of over 30 million client records. Initially, the company downplayed the severity of the breach, claiming that sensitive data remained secure. However, the hacker known as 'xenZen' has since claimed responsibility, alleging that they obtained the data directly from Star Health's Chief Information Security Officer (CISO). This breach includes sensitive information such as body mass index and national identity card images. Star Health has initiated a forensic investigation and is cooperating with regulatory authorities while also pursuing legal action against Telegram and other parties involved in facilitating the leak. The company is seeking to prevent further dissemination of the stolen data through court intervention.
Both incidents highlight the increasing vulnerability of organizations to cyber threats and the significant implications for data security and privacy. Ongoing investigations are expected to reveal more about the extent of these breaches and the measures necessary to prevent future occurrences.