The Internet Archive has suffered another security breach, this time through its Zendesk support platform, as threat actors gained unauthorized access using stolen authentication tokens. Many users have reported receiving alarming and malicious emails in response to old support requests, raising concerns about the organization's ongoing cybersecurity issues.
This latest incident follows warnings that the Internet Archive had failed to properly secure API keys exposed in a prior breach, which also compromised access tokens for GitLab. The failure to rotate these tokens allowed the threat actors to exploit their access to Zendesk, where they obtained permissions to access over 800,000 support tickets dating back to 2018. According to affected users, these tickets contain personal data submitted to the Internet Archive, including sensitive requests such as the removal of information from the Wayback Machine.
The threat actors, in their messages, expressed disappointment at the Internet Archive's lack of action despite being made aware of the vulnerabilities weeks ago. “It's dispiriting to see that even after being made aware of the breach weeks ago, IA has still not done the due diligence of rotating many of the API keys,” the email reads. Some of these emails have passed authentication checks, adding legitimacy to the claims of compromised Zendesk servers. Recipients of these emails submitted their reports on Reddit, with one commenting that the situation demonstrates “woeful negligence with cybersecurity.”
The Internet Archive, a San Francisco-based non-profit, is a crucial platform preserving millions of web pages, books, videos, and other forms of media through its Wayback Machine and digital library. It serves academics, researchers, and the general public, making its services widely used and trusted. However, this breach is the latest in a string of security lapses that have severely damaged the organization’s reputation.
Earlier this month, the Internet Archive was hacked, compromising the personal data of over 31 million users. The data breach exposed email addresses, usernames, and bcrypt-hashed passwords, among other information.
Users of the Internet Archive who had previously interacted with their support platform may now be concerned that their personal information — potentially including IDs and sensitive content — could have been accessed by unauthorized parties. These incidents raise serious questions about the Internet Archive's ability to protect user data, especially in light of ongoing cybersecurity issues that have not been fully addressed.
Users who might be impacted by the situation at Internet Archive are advised to take the following actions:
- Change passwords, especially if reused on other sites.
- Stay alert for phishing attempts that may exploit the stolen data.
- Avoid sending sensitive information to the Internet Archive’s support system until a resolution is confirmed.
- Enable two-factor authentication for added security.
Given the recurring nature of these breaches and the apparent failure to resolve the underlying issues, users of the Internet Archive should proceed with caution when interacting with the platform until stronger security measures are put in place.
Chinese Drone Giant DJI Sues U.S. Over Security Threat Label
Leave a Reply