Internet Archive hacked again: We know because the hacker responded to our email to the Archive.

The hacker is responding to support requests sent to the online library.
By Matt Binder
The Internet Archive continues to suffer from cyberattacks. The hacker told Mashable so themself. Credit: Tunvarat Pruksachat via Getty Images

The Internet Archive is still under attack two weeks after suffering a data breach and DDoS attacks that took the website down.

How do we know? 

Because the hacker just responded to the email that Mashable sent to the Internet Archive to find out more about the hack. The hacker was able to respond via Internet Archive's Zendesk, an online service that helps companies respond to users' support queries.

The hacker responds through Internet Archive

Earlier this month, Internet Archive suffered multiple cyberattacks that ended up taking the entire platform offline, including the Wayback Machine, which archives websites throughout the years.

While a group known as SN-Blackmeta took responsibility for the DDoS attacks, the attacker behind the data breach has remained anonymous. It's unconfirmed whether that anonymous hacker is also behind the latest Internet Archive breach. 

The attacker claims that they have access to all of the more than 800,000 support tickets sent to Internet Archive since 2018.

"It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets," the hacker wrote on Sunday through Zendesk to our email that we sent to Internet Archive on October 10.

"As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to [email protected] since 2018," they continued.

Chris Hickman, chief security officer of the cybersecurity company Keyfactor, explained to Mashable why the failure to rotate API keys played such an important role here.

"This is a security oversight as tokens that are not rotated regularly have longer lifespans, increasing the window of opportunity for attackers to steal and misuse them," Hickman said. "If a malicious actor obtains an unrotated token, they could use it to gain unauthorized access to systems or services."

And it appears that's what happened.

The Internet Archive's bad month continues

In the initial attack earlier this month, the hacker shared that they had accessed emails, screen names, and encrypted passwords for 31 million Internet Archive users. In this most recent attack, however, the attacker says they have more than 800,000 support tickets exchanged between Internet Archive users and the non-profit group. These support tickets could contain even more sensitive information, as users who requested that their content be removed from the Internet Archive often had to provide identification.

In an age where everyone seems to disagree about everything on the internet, there's one thing that most people seem to agree on: The Internet Archive is an amazing tool that provides online library services at no cost to users. Many were shocked when the site was attacked earlier this month.

The Internet Archive was able to get parts of its website back up and running last week. However, it seems like significant damage has been done.

"Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine—your data is now in the hands of some random guy. If not me, it'd be someone else," the hacker said in its reply to Mashable's contact. "Here's hoping that they'll get their shit together now."
