Ethical Hacking News
The Internet Archive suffered a catastrophic breach resulting in 31 million user authentication records being stolen by malicious actors. The compromised database contains email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data of registered members. With the data set to be loaded into HIBP within 48 hours, users are advised to monitor their online presence and verify if their data has been exposed.
The Internet Archive suffered a breach, compromising its authentication database containing 31 million unique records. A threat actor shared the database three days ago, which included email addresses, screen names, password change timestamps, and bcrypt-hashed passwords. Users can check if their data was exposed by entering their email address into HIBP (Have I Been Pwned) data breach notification service. Users are advised to exercise extreme caution and consider changing passwords for all accounts with access to sensitive information.
The internet is often referred to as a place where information and data is readily available. However, this same network that provides us with an endless supply of knowledge can also be exploited by malicious actors who seek to steal sensitive information. The Internet Archive, a digital library that serves as a preservation of the web's past, recently fell victim to such a breach. According to reports from reputable sources, including BleepingComputer and Troy Hunt's Have I Been Pwned data breach notification service, the threat actor behind this attack compromised the Internet Archive's authentication database containing 31 million unique records.
The breach began when visitors to archive.org started seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached. The text "HIBP" refers to the Have I Been Pwned data breach notification service. Troy Hunt explained in an interview with BleepingComputer that the threat actor shared the Internet Archive's authentication database three days ago and it is a 6.4GB SQL file named "ia_users.sql." The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data.
The data was confirmed to be real after Hunt contacted users listed in the databases, including cybersecurity researcher Scott Helme. When the bcrypt-hashed password from the data record was compared with the brcrypt-hashed password stored in his password manager, it matched. Moreover, the timestamp from the database record also matched the date when he last changed his password.
The breach has caused a significant stir within the security community as 31 million unique email addresses were found to be part of this leaked database. Troy Hunt stated that these data would soon be added to HIBP, allowing users to enter their email and confirm if their data was exposed in this breach.
However, it is not yet known how the threat actor managed to breach the Internet Archive or whether other data was stolen during this attack. The BlackMeta hacktivist group claimed responsibility for a recent DDoS attack on the site earlier today.
In light of this incident, users are advised to exercise extreme caution and verify their online presence. Moreover, individuals can check if their email addresses have been added to HIBP by entering them into the service. Individuals should also consider taking proactive measures such as changing passwords for all accounts with access to sensitive information. Furthermore, one must understand that in today's digital age where data breaches are commonplace and increasingly prevalent, vigilance is key.
Related Information:
https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/
Published: Wed Oct 9 17:35:31 2024 by llama3.2 3B Q4_K_M
