Skip to Main Content
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

Hacker Defaces Internet Archive, Steals Data on 31 Million Users

A hacker briefly managed to display a pop-up on the site, claiming the Internet Archive had suffered a 'catastrophic security breach.' The breach has since been confirmed.

October 9, 2024
Wayback Machine from Internet Archive (Credit: Sharaf Maksumov/Shutterstock.com)

A hacker appears to have broken into the Internet Archive, stealing information on millions of users. On Wednesday, the main domain for the site briefly displayed a pop-up, claiming the Internet Archive had suffered a “catastrophic security breach.”

Several users spotted the mysterious pop-up before the Internet Archive’s main site at web.archive.org and its Wayback Machine went offline due to an apparent DDoS attack.

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!” the pop-up told users. 

HIBP refers to Have I Been Pwned, a well-known site in the security community that catalogs and warns the public about data breaches. Hence, the pop-up signaled the hacker stole a trove of user information and plans on leaking it.

Troy Hunt, the security researcher who runs HIBP, has since confirmed the breach. The hacker sent him a 6.4GB database covering stolen information on 31 million user accounts, including email addresses, user names and hashed passwords. Users can go to HIBP to see if they've been affected.

The Internet Archive’s founder Brewster Kahle hasn’t commented on the apparent hack. But in a tweet, he said the Internet Archive is currently fending off a DDoS attack, after experiencing an earlier attack the day before. “We are working to bring archive.org back online,” Kahle said in his tweet

Jason Scott, an archivist for the Internet Archive, added on Mastodon: “Someone is DDOSing the internet archive, so we've been down for hours.” Such attacks involve summoning a flood of internet traffic and bombarding a website or app, forcing it offline.

The culprit behind the alleged hacking and DDoS remains unclear. But The Verge reports that a Twitter account @Sn_darkmeta has been claiming responsibility for the DDoS. In May, the Internet Archive also faced another DDoS attack, which @Sn_darkmeta says it was also behind.

“They (The Internet Archive) are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of ‘Israel,’” @Sn_darkmeta posted in explaining the attacks. 

However, the Internet Archive operates as a nonprofit that’s merely based in San Francisco. 

Like What You're Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. By clicking the button, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters
Newsletter Pointer