The Internet Archive, a widely-used digital library, faced a significant cyberattack on October 9, 2024, resulting in the exposure of personal data from 31 million users. The breach occurred due to a Distributed Denial-of-Service (DDoS) attack, which targeted the organization’s JavaScript (JS) library, revealing sensitive information such as email addresses, usernames, and passwords.

Founder Brewster Kahle confirmed the breach and assured that steps were being taken to mitigate the attack, including disabling the JS library, using DDoS scrubbing, and improving overall security protocols.

Impact:

• 31 million users affected: Personal data at risk, raising concerns about potential phishing attacks and other malicious activities.
• Users urged to check for compromised information using the “Have I Been Pwned?” service.

The Internet Archive has restored services in read-only mode, while the Wayback Machine remains operational, albeit without the latest archived pages. The organization is working to address vulnerabilities and enhance protection for future security.

Key Highlights:

• 31 million user accounts compromised in Internet Archive data breach.
• DDoS attack disabled servers, exploiting the JavaScript library.
• Users are advised to check their compromised information and be vigilant against phishing attacks.