The Internet Archive has confirmed a third security breach on October 20, 2024, in what has become a series of escalating cyberattacks. Hackers were able to exploit unrotated Zendesk API tokens to gain access to the platform that manages the Archive’s support tickets.
Despite previous warnings and multiple breaches earlier this month, the organization had not secured, or was unable to secure, the system adequately, leaving the tokens vulnerable to continued exploitation.
The attackers were still able to access and potentially download sensitive support data, including personal identification documents submitted by users.
This breach follows two major attacks earlier in October, which have compounded the damage to the Archive’s infrastructure.
The Internet Archive is a nonprofit digital library that was established in 1996 by Brewster Kahle with the goal of providing “universal access to all knowledge.”
It is widely known for its Wayback Machine, which archives websites and allows users to view them as they appeared in the past, making it a valuable resource for historians, researchers, and the general public.
Beyond websites, the Archive hosts millions of digital items, including books, music, audio files, videos, and software.
This vast collection preserves cultural and historical materials that might otherwise be lost. The organization operates primarily on donations and has played an essential role in maintaining digital history.
The first breach occurred on October 9, 2024, involving a dual attack—a data breach and a Distributed Denial of Service (DDoS) attack. Hackers took advantage of a previously exposed GitLab token, which had been vulnerable since late 2022, to access the Internet Archive’s source code and steal user data. This breach affected 31 million users, exposing Bcrypt-hashed passwords, email addresses, and other sensitive information.
Simultaneously, a pro-Palestinian group called SN_BlackMeta launched a DDoS attack that overwhelmed the Archive’s servers with traffic, temporarily taking the site offline. Although these attacks happened at the same time, the data breach and the DDoS attack were conducted by different groups.