The Internet Archive is grappling with a significant cybersecurity crisis after a data breach exposed credentials of approximately 31 million users. This incident has led to the temporary shutdown of its platforms, Archive.org and OpenLibrary.org, raising alarms about the security of one of the largest digital libraries available.
The breach, confirmed by founder Brewster Kahle on October 9, included the exposure of email addresses and salted-encrypted passwords. In his announcement on X (formerly Twitter), Kahle detailed the dual assault: a data breach coupled with a distributed denial-of-service (DDoS) attack and website defacement. He stated, ‘DDoS attack -- fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we've done: Disabled the JS library, scrubbing systems, upgrading security.’
This incident underscores the vulnerabilities faced by digital platforms and the critical need for robust cybersecurity measures to protect user data.