The Internet Archive Cyber-Attack: What Happened and How They Responded

The Internet Archive, a digital library dedicated to preserving the cultural heritage of the internet, recently faced a wave of cyber-attacks that compromised their security and led to a breach in their systems. The latest incident involved hackers sending emails on behalf of the Internet Archive team, thanks to a stolen access token for the library’s Zendesk account. This breach was just one in a series of attacks that saw the Internet Archive hit by DDoS attacks and website defacement.

Internet Archive’s Security Failures

Customer service provider Zendesk stepped in to assist the Internet Archive in resolving the breach, pointing out that the non-profit failed to secure its authentication tokens, allowing unauthorized access to their Zendesk instance. While Zendesk clarified that the issue did not originate from their platform, they collaborated with the Internet Archive to enhance their security measures.

According to reports, the hacker behind the breach gained access to an exposed GitLab configuration file on one of the organization’s development servers. This file contained an authentication token that enabled the threat actor to download source code from the Internet Archive, which likely included API access tokens for the Zendesk customer support system.

Questions About Allegedly Compromised Data

Despite efforts to contain the security incident, concerns remain regarding the safety of the Internet Archive’s data. The library’s team is focused on reinforcing firewall systems and enhancing data protection measures to safeguard their patrons and information. Some services, such as the Wayback Machine and Archive-It, have resumed with increased security measures, while archive.org is accessible in a read-only mode.

The situation is still evolving, and updates will be provided as more information becomes available. It serves as a reminder of the importance of implementing robust security practices to prevent such breaches in the future.