The «Wayback Machine» internet archive has suffered a data breach. A user authentication database containing 31 million unique records has been stolen.
The database contains unique email addresses, Bcrypt encrypted passwords and other internal user data. The last record in the database is dated September 28, 2024. This is likely the date on which the database was hacked.
Upon entering the site, visitors were greeted by a pop-up window that read:
“Have you ever felt like the Internet Archive is running on sticks and constantly on the verge of a catastrophic security breach? This just happened. See 31 million of you on HIBP!”.
HIBP is a data breach notification service called Have I Been Pwned, created by Troy Hunt, with whom threat actors typically share stolen data to add to the service.
It is recommended that you change the passwords to your accounts on the service..
Material taken from: https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/, https://www.severreal.org/a/internet-archive-soobschil-ob-utechke-dannyh-31-milliona-polzovateley/33153615.html, https://meduza.io/news/2024/10/10/vzloman-internet-archive-v-utechke-dannye-millionov-polzovateley.