true77
The Internet Archive is still facing ongoing attacks following a recent data breach and DDoS incidents that caused the site to go offline. The hacker responsible for the breach responded to inquiries from Mashable via the Internet Archive’s Zendesk platform.
The hacker, who remains anonymous, claims to have gained access to over 800,000 support tickets sent to the Internet Archive since 2018. Despite being alerted to the breach two weeks prior, the Internet Archive had not taken necessary security measures such as rotating API keys, leaving sensitive information vulnerable to exploitation.
The Internet Archive’s security breach highlights the importance of regularly rotating API keys to prevent unauthorized access to systems. In this case, the hacker was able to obtain emails, screen names, and encrypted passwords of 31 million users in the initial attack, and later accessed a vast trove of support tickets containing potentially sensitive information.
Despite the Internet Archive’s efforts to restore parts of its website, the damage caused by the attacks is significant. Users who interacted with the platform, whether for general inquiries or content removal requests, now face the risk of their data being in the hands of malicious actors.
The ongoing cybersecurity challenges faced by the Internet Archive serve as a reminder of the importance of robust security measures in safeguarding user data and maintaining the integrity of online services.
