Archive.org, a repository of the history of the Internet, has a data breach

Archive.org, one of the only entities to attempt to preserve the entire history of the World Wide Web and much of the broader Internet, was recently compromised in a hack that revealed data on roughly 31 million users.


A little after 2 pm California time, social media sites became awash with screenshots showing what the archive.org homepage displayed.

It read:


archive.org


Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!


HIBP is short for Have I been Pwned, the authoritative site for breach notifications that helps people protect their accounts after they've been compromised.


The message didn't last long. Soon after it appeared, archive.org, when it loaded at all, displayed a message saying the site was temporarily down. Later, the site returned. Archive.org's Brewster Kahle said on the social media site X that the archive had come under a DDoS attack.


Now, Have I Been Pwnd is reporting that archive.org was hacked. HIBP said the compromise occurred last month and exposed 31 million records containing email addresses, screen names, and bcrypt-hashed passwords.

This is a developing story and will be updated when we have more information.