The Internet Archive, known for its Wayback Machine and digital library, has been struggling with a series of Distributed Denial of Service (DDoS) attacks that have left the site intermittently offline. These attacks, which began in May 2024 and escalated in recent days, have also coincided with a significant data breach affecting over 31 million users.

Hackers infiltrated the site, stealing encrypted passwords, email addresses, and usernames, later dumping this data on the web and notifying users via the breach-tracking site “Have I Been Pwned” (HIBP). The attackers even defaced the Internet Archive’s website with a taunting pop-up, urging users to check HIBP to see if they were compromised. The cybercriminal group Blackmeta claimed responsibility for the attacks, although their motives remain unclear. Some speculate political motivations or attempts to erase content from the archive, while others see it as an act of digital vandalism.

Founder Brewster Kahle and his team have been working to restore the site while upgrading security measures. They reassured users that although sensitive personal data is not stored by the Archive, the breach still poses a phishing risk, as stolen email addresses could be used for fraudulent schemes.

This incident adds to the Archive’s recent woes, including a legal defeat in a copyright case regarding eBooks. For now, the team is focused on fending off further attacks and securing the site from future breaches.