Internet Archive Gets Pummeled in Round 2 Breach

This latest breach was through Zendesk, a customer service platform that the organization uses.

Just a few days after the
Internet Archive
told the public it was getting back on its feet after a data breach and a barrage of distributed denial-of-service (DDoS) attacks forced it to go offline, the digital library website is once again in trouble.
Unknown bad actors have allegedly claimed access tokens to the archives Zendesk implementation, using them to send a mass email on Oct. 20 to those who tried to interact with the archives platform.
Internet Archive did not secure its authentication tokens, which enabled unauthorized access to their Zendesk instance, a Zendesk spokesperson told Dark Reading. It’s important to note that there is no evidence this was a Zendesk issue and that Zendesk did not experience a compromise of its platform. We have since worked together with Internet Archive to secure their account.
The hackers email to archive users began as follows:
Its dispiriting to see that even after being made aware of the breach two weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their GitLab secrets,
the hacker stated
. “As demonstrated by this message, this includes a Zendesk token with perm[ission]s to access 800K+ support tickets sent to [email protected] since 2018.
The email continued, Whether you were trying to ask a general question or requesting the removal of your site from the Wayback Machine — your data is now in the hands of some random guy. If not me, itd be someone else.
Though it can’t be said for certain, Chris Hickman, chief security officer (CSO) of Keyfactor, said the hacker may not have serious malicious intent, but instead wants to prove a point: that those in charge of the Internet Archive must be more proactive in protecting its network from those who would do much worse.
This is a security oversight as tokens that are not rotated regularly have longer lifespans, increasing the window of opportunity for attackers to steal and misuse them, Hickman wrote in an emailed statement to Dark Reading. If a token is not rotated correctly, it might expire, leading to authentication failures for legitimate users. If a malicious actor obtains an unrotated token, they could use it to gain unauthorized access to systems or services, leading to service disruptions and customer frustration, damaging a companys reputation and bottom line.
The organization hasnt made any public comments regarding the latest breach, but it did request donations last week to help support its endeavors of promoting open access to knowledge resources.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Internet Archive Gets Pummeled in Round 2 Breach