31 million users impacted by Internet Archive data breach — what we know


The Internet Archive had its popular Wayback Machine hit by a massive data breach in which a user authentication database with 31 million unique records was stolen. This is a big deal for anyone who has an account on the website.

The hacker created a JavaScript alert message claiming they had stolen user data and that it would show up on Have I Been Pwned (HIBP). The message reads, "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"

As for what data the hacker got, Troy Hunt, the creator of HIBP, told BleepingComputer that Internet Archive user email addresses, screen names, password change timestamps, bcrypt-hashed passwords, and other internal data were included in the large 6.4GB SQL file named "ia_users.sql."

The most recent timestamp in the data is September 28th, 2024, which is likely the date the hacker got their hands on the data.

If you're curious about whether your information was stolen, it'll be added to HIBP in the near future. You can enter your email address on the site and see if you were among the 31 million people impacted by this breach (or other hacks).

Interestingly, security researcher Scott Helme actually allowed BleepingComputer to publish his entry in the hacked database. Here's what it looks like:

9887370, internetarchive@scotthelme.co.uk,$2a$10$Bho2e2ptPnFRJyJKIn5BiehIDiEwhjfMZFVRM9fRCarKXkemA3PxuScottHelme,2020-06-25,2020-06-25,internetarchive@scotthelme.co.uk,2020-06-25 13:22:52.7608520,\N0\N\N@scotthelme\N\N\N

Helme said that the bcrypt-hashed password in the record matched the bcrypt-hashed password in his password manager, and the timestamp in the database record matched the date when he last changed the password.

For its part, the Internet Archive's founder Brewster Kahle finally spoke up, posting on X about the situation. Kahle said, "What we know: DDOS attacked-fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords."

Kahle also spoke about what the company has done to deal with the issue: "What we've done: Disabled the JS library, scrubbing systems, upgrading security."

Based on this information, it seems the Internet Archive is facing a data breach and DDoS attacks simultaneously, though the two attacks aren't connected.

What should you do?

If this data breach has impacted you, the first thing you should do is change your password to ensure malicious individuals can't get into your Internet Archive account. If you use the same password on other services (which we don't recommend), you'll want to change the password on other services that use it, too.

Even though this hack doesn't include payment information or social security numbers, you'll still want to check out one of the best identity theft protection services to ensure that your name is protected.

Dave LeClair
Senior News Editor