The Internet Archive, a non-profit digital library, disclosed a major data breach affecting over 31 million users, including email addresses and hashed passwords. The breach involved a 6.4 GB SQL database compromised by attackers, leading to the exposure of user authentication information
Although 54% of the compromised data had been flagged in previous breaches, it raised concerns about password security. The breach was reported to the Internet Archive by Troy Hunt of Have I Been Pwned on Oct. 6, leading to the disabling of services and a series of DDoS attacks. The breach timeline indicates that the data was likely stolen on Sept. 28, with the operator validating and notifying the Archive before the public disclosure. The breach coincided with a second DDoS attack, attributed to the hacktivist group BlackMeta. Despite no reported data corruption, the attacks highlight a rising trend in DDoS incidents, with financial and critical infrastructure services being prime targets. https://www.techrepublic.com/article/internet-archive-accounts-exposed/