Editing Internet Archive (section)

=== Cyberattacks ===
During the week of May 27, 2024, the Internet Archive suffered a series of [[Denial-of-service attack#Distributed DoS|distributed denial of service]] (DDoS) attacks that made its services unavailable intermittently, sometimes for hours at a time, over a period of several days.<ref>{{Cite web |last=Irwin |first=Kate |date=2024-05-28 |title=Internet Archive Hit With DDoS Attacks |url=https://www.pcmag.com/news/internet-archive-hit-with-ddos-attack |archive-url=https://archive.today/20240528174629/https://www.pcmag.com/news/internet-archive-hit-with-ddos-attack |url-status=live |archive-date=28 May 2024 |access-date=2024-05-29 |website=[[PCMag]] |language=en}}</ref><ref>{{Cite web |last=Baran |first=Guru |date=2024-05-28 |title=Internet Archive is Under DDoS Attack For Several Hours |url=https://cybersecuritynews.com/internet-archive-under-ddos-attack/ |archive-url=https://archive.today/20240528174657/https://cybersecuritynews.com/internet-archive-under-ddos-attack/ |url-status=live |archive-date=28 May 2024 |access-date=2024-05-29 |website=Cyber Security News |language=en-US}}</ref><ref>{{Cite web |last=Moon |first=Mariella |date=2024-05-29 |title=The Internet Archive has been fending off DDoS attacks for days |url=https://www.engadget.com/the-internet-archive-has-been-fending-off-ddos-attacks-for-days-035950028.html |access-date=2024-05-29 |archive-url=https://archive.today/20241011044638/https://www.engadget.com/the-internet-archive-has-been-fending-off-ddos-attacks-for-days-035950028.html |url-status=live |archive-date=11 October 2024 |website=[[Engadget]] |language=en-US}}</ref> The attack was claimed on May 28 by a hacker group called SN_BLACKMETA,<ref name="JL">{{Cite news |last=Lyons |first=Jessica |title=Multi-day DDoS storm batters Internet Archive |publisher=[[The Register]] |date=29 May 2024 |url=https://www.theregister.com/2024/05/29/ddos_internet_archive |archive-url=https://archive.today/20240601081103/https://www.theregister.com/2024/05/29/ddos_internet_archive |archive-date=1 June 2024 |url-status=live}}</ref><ref name="WD" /> with possible links to [[Anonymous Sudan]].<ref name="Radware">{{citation |title=Six-day, 14.7 Million RPS Web DDoS Attack Campaign Attributed to SN_BLACKMETA |publisher=[[Radware]] |date=24 July 2024 |url=https://www.radware.com/security/threat-advisories-and-attack-reports/six-day-web-ddos-attack-campaign/ |url-status=live |archive-url=https://archive.today/20241010155819/https://www.radware.com/security/threat-advisories-and-attack-reports/six-day-web-ddos-attack-campaign/ |archive-date=10 October 2024}}</ref> The incident drew a comparison with the 2023 [[British Library cyberattack]], which affected the [[UK Web Archive]].<ref>{{citation |last=Stokel-Walker |first=Chris |title=We're losing our digital history. Can the Internet Archive save it? |publisher=[[BBC News Online|BBC]] |date=September 16, 2024 |url=https://www.bbc.com/future/article/20240912-the-archivists-battling-to-save-the-internet |archive-url=https://archive.today/20240916094805/https://www.bbc.com/future/article/20240912-the-archivists-battling-to-save-the-internet |url-status=live |archive-date=September 16, 2024}}</ref>

[[File:Internet_archive_website,_during_DOS_attack,_13th_October_2024.png|thumb|Internet Archive main page showing partially available services]]

Beginning October 9, 2024, the Internet Archive's team, including archivist [[Jason Scott]] and security researcher Scott Helme, confirmed DDoS attacks, site defacement, and a data breach. The purported [[Hacktivism|hacktivist]] group SN_BLACKMETA again claimed responsibility.<ref name="Bleep">{{Cite web |title=Internet Archive hacked, data breach impacts 31 million users |first=Lawrence |last=Abrams |url=https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/ |archive-date=10 October 2024 |archive-url=https://archive.today/20241010052448/https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/ |url-status=live |access-date=2024-10-10 |website=[[Bleeping Computer|BleepingComputer]] |language=en-us}}</ref> A pop-up on the defaced site claimed that there was a "catastrophic" [[Data breach|security breach]], stating "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on [[Have I Been Pwned?|HIBP]]!"<ref>{{Cite magazine |last1=Newman |first1=Lily Hay |first2=Kate |last2=Knibbs |title=Internet Archive Breach Exposes 31 Million Users |url=https://www.wired.com/story/internet-archive-hacked/ |archive-url=https://archive.today/20241010021313/https://www.wired.com/story/internet-archive-hacked/ |archive-date=10 October 2024 |url-status=live |access-date=2024-10-11 |magazine=[[Wired (magazine)|Wired]] |language=en-US |issn=1059-1028}}</ref><ref name="WD">{{Cite web |url=https://www.theverge.com/2024/10/9/24266419/internet-archive-ddos-attack-pop-up-message |title=The Internet Archive is under attack, with a breach revealing info for 31 million accounts |first=Wes |last=Davis |publisher=[[The Verge]] |url-status=live |date=2024-10-10 |access-date=2024-10-10 |archive-url=https://archive.today/20241010052449/https://www.theverge.com/2024/10/9/24266419/internet-archive-ddos-attack-pop-up-message |archive-date=10 October 2024}}</ref> It was reported that about 31 million user accounts were affected, and compromised in a file called "ia_users.sql", dated September 28, 2024.<ref name="Bleep" /><ref>{{Cite web |title=Hacker Defaces Internet Archive, Steals Data on 31 Million Users |url=https://www.pcmag.com/news/hacker-defaces-internet-archive-claims-it-suffered-a-breach |archive-date=9 October 2024 |archive-url=https://archive.today/20241009235004/https://www.pcmag.com/news/internet-archive-remains-offline-to-focus-on-data-security-after-breach |url-status=live |first=Michael |last=Kan |access-date=2024-10-10 |website=[[PCMag]] |date=October 9, 2024 |language=en}}</ref> The attackers stole users' email addresses and [[Bcrypt]]-hashed passwords.<ref>{{Cite web |last=Poireault |first=Kevin |date=2024-10-10 |title=Internet Archive Breached, 31 Million Records Exposed |url=https://www.infosecurity-magazine.com/news/internet-archive-breach-31m/ |archive-url=https://archive.today/20241010174332/https://www.infosecurity-magazine.com/news/internet-archive-breach-31m/ |url-status=live |archive-date=10 October 2024 |access-date=2024-10-10 |website=Infosecurity Magazine |language=en-gb}}</ref> As of October 15, 2024, the website was still mostly offline for "prioritizing keeping data safe at the expense of service availability."<ref>{{Cite web |last=Kan |first=Michael |date=2024-10-10 |title=Internet Archive Remains Offline to Focus On Data Security After Breach |url=https://www.pcmag.com/news/internet-archive-remains-offline-to-focus-on-data-security-after-breach |archive-date=10 October 2024 |url-status=live |archive-url=https://archive.today/20241010210237/https://www.pcmag.com/news/internet-archive-remains-offline-to-focus-on-data-security-after-breach |access-date=2024-10-11 |website=PCMag |language=en}}</ref> On October 11, Kahle said that the data is safe, and will bring the service back to normal "in days, not weeks."<ref>{{Cite web |last=Roth |first=Emma |date=2024-10-11 |title=The Internet Archive is still down but will return in 'days, not weeks' |url=https://www.theverge.com/2024/10/11/24268040/internet-archive-data-breach-outage-hacked |access-date=2024-10-12 |website=The Verge |language=en}}</ref><ref>{{Cite web |title=After Breach, Internet Archive Expects to Return Within 'Days, Not Weeks' |url=https://www.pcmag.com/news/after-breach-internet-archive-expects-to-return-within-days-not-weeks |access-date=2024-10-12 |website=PCMAG |date=October 11, 2024 |language=en}}</ref><ref>{{Cite tweet |number=1844790609573277792 |user=brewster_kahle |title=The data is safe. Services are offline as we examine and strengthen them. Sorry, but needed. @internetarchive staff is working hard. Estimated Timeline: days, not weeks. Thank you for the offers of pizza (we are set). |first=Brewster |last=Kahle |author-link=Brewster Kahle |date=2024-10-11}}</ref> On October 13, the Wayback Machine was restored in a read-only format, while archiving web pages was temporarily disabled.<ref>{{cite web|url=https://www.fastcompany.com/91209670/the-internet-archive-is-back-online-after-a-cyberattack |title=The Internet Archive is back online after a cyberattack |first=Jessica |last=Bursztynsky |work=[[Fast Company]] |date=2024-10-14 |access-date=2024-10-14 }}</ref> On October 14, Brewster Kahle said "[the Wayback Machine] volume is back to normal: 1,500 requests per second".<ref>{{Cite tweet |number=1845913275759747292 |user=brewster_kahle |title=@waybackmachine volume is back to normal: 1,500 requests per second. Sorry we don't have other services yet. |first=Brewster |last=Kahle |date=2024-10-14 |access-date=2024-10-15 |retweet=internetarchive}}</ref> On October 20, threat actors stole unrotated API tokens and breached Internet Archive on its [[Zendesk]] email support platform; they also claimed responsibility for the other breaches yet stated that SN_BLACKMETA was behind just the DDoS attacks.<ref name="bc-abrams">{{cite web |last=Abrams |first=Lawrence |date=2024-10-20 |title=Internet Archive breached again through stolen access tokens |url=https://www.bleepingcomputer.com/news/security/internet-archive-breached-again-through-stolen-access-tokens/ |access-date=20 October 2024 |website=[[Bleeping Computer]]}}</ref><ref name = "forbes-daniel">{{cite web|url= https://www.forbes.com/sites/larsdaniel/2024/10/20/internet-archive-breached-again-third-cyber-attack-in-october-2024/|title= Internet Archive Breached Again—Third Cyber Attack In October 2024|last= Daniel|first= Lars|website= Forbes|date= 20 October 2024}}</ref> On October 21, Internet Archive went back online in a read-only manner.<ref>{{Cite web |title=Internet Archive Services Update: 2024-10-21 |url=https://blog.archive.org/2024/10/21/internet-archive-services-update-2024-10-21/ |last=Freeland |first=Chris |date=2024-10-21 |access-date=2024-10-21 |website=blog.archive.org}}</ref> On October 22, all Internet Archive services temporarily went offline,<ref>{{Cite web |last=Townsend |first=Chance |date=2024-10-22 |title=Internet Archive and Wayback Machine are down again |url=https://mashable.com/article/internet-archive-down-again?test_uuid=01iI2GpryXngy77uIpA3Y4B&test_variant=a |access-date=2024-10-22 |website=Mashable |language=en}}</ref><ref>{{Cite web |last=Hall |first=Matt L. |date=2024-10-22 |title=Hackers Disable Internet Archive's Wayback Machine Once Again |url=https://www.makeuseof.com/hackers-again-cause-wayback-machine-outage/ |access-date=2024-10-22 |website=MUO |language=en}}</ref> but later that same day, only the Wayback Machine, Archive-It, and blog.archive.org were resumed.{{Citation needed|reason=This can be verified by checking archive.org, however no sources have reported on this.|date=October 2024}} On October 23, archive.org, the Wayback Machine, Archive-It, and the Open Library services all resumed but with some features, such as logging in, still unavailable until the staff announced it back available in the next day or two.<ref>{{Cite tweet |number=1849281904258043990 |user=textfiles |title=Guess what's back. Yes, http://archive.org and http://openlibrary.org are back, as well as http://web.archive.org (Wayback Machine) and all those amazing items. Some of the features are not up yet, but rest assured we're working on it and our tired devs will prevail. |first=Jason |last=Scott |author-link=Jason Scott |date=2024-10-23 |access-date=2024-10-24 |retweet=internetarchive}}</ref> On October 25, the login feature was made available and the site has remained active since.{{Citation needed|reason= This can be verified by checking archive.org, however no sources have reported on this.|date= November 2024}}