Internet Archive Data Breach Exposes 31M Accounts!

Executive Summary

In October 2024, The Internet Archive experienced a significant data breach that compromised the accounts of 31 million users. The breach was attributed to unsecured authentication tokens that had been exposed in their GitLab repository for nearly two years. Cybercriminals exploited this vulnerability to infiltrate critical systems and databases, leading to the theft of sensitive user data, including personal identification information from support tickets. Furthermore, the attackers utilized the compromised Zendesk API token to send phishing emails, impersonating the organization and further jeopardizing user security. This incident underscores the importance of stringent operational security measures in safeguarding sensitive information.

 Read the full breach analysis from NHI Mgmt Group here

Key Details

Breach Timeline

• December 2022: An authentication token in the Internet Archive’s GitLab repository was inadvertently exposed, remaining accessible for 22 months.
• October 9, 2024: Attackers exploited the unsecured token, gaining access to sensitive data and systems.

Data Compromised

• 31 million user accounts were compromised, including email addresses and hashed passwords.
• Sensitive support tickets containing personal identification details were also accessed.

Impact Assessment

• The breach could potentially lead to identity theft and unauthorized account access for millions of users.
• Trust in the Internet Archive’s data handling practices has been significantly undermined.

Company Response

• The Internet Archive has initiated a thorough investigation and is actively notifying affected users.
• They are implementing enhanced security measures to prevent future breaches, including audits of existing repositories.

Security Implications

• This incident highlights the critical need for secure coding practices and regular audits of repository access settings.
• Organizations must prioritize the protection of authentication tokens to mitigate the risk of similar exploits.

 If you want to learn more about how to secure NHIs including AI Agents, check our NHI Foundational Training Course.