The Internet Archive has experienced yet another data breach, with a threat actor gaining access to email addresses from users who submitted support requests. The hackers are reportedly responding to the compromised Zendesk support tickets as a way to highlight the site’s ongoing security vulnerabilities. In their message, they criticize the Internet Archive for not rotating API keys that were exposed in their GitLab secrets, even after being made aware of the breach weeks earlier.
The group claims to have access to a Zendesk token, enabling them to view over 800,000 support tickets dating back to 2018. This breach puts users’ email addresses and encrypted passwords at risk, particularly for those who submitted removal requests or other personal identification data via email. Concerned users are encouraged to check the Have I Been Pwned website to see if their information was compromised.
It’s unclear if the group responsible for this breach is connected to previous incidents involving the Internet Archive, such as a DDoS attack or another breach involving 31 million unique records. Following these breaches, the Internet Archive temporarily went offline for maintenance as it worked to patch its security vulnerabilities.
Although the site is now back online, it remains only partially operational, with limited services like the Wayback Machine and Archive-It.org accessible. The latest update from the Internet Archive, dated October 17, states that the site is in read-only mode as they work on a full restoration while focusing on strengthening their defenses to prevent future breaches.
