Internet Archive Suffers Third Breach

What happened?

With two breaches happening just this month alone, the Internet Archive has been hit with their third attack from the Russian hacking group dubbed SN-Blackmeta. This comes after an earlier attack on the site in May, where the site was hit with DDoS attacks for several days. 

What products are affected?

Unlike the first two, the latest breach revolves around the group exploiting Zendesk API tokens that hadn’t been properly rotated in years. This allowed the group to access support tickets as far back as 2018, which could have contained personally identifiable information on the user who created it. 

Is there a mitigation patch or update?

Zendesk has gone public, confirming that they have helped Internet Archive in securing their API tokens and stating that there were no compromises to the Zendesk platform itself. Chris Freeland, the Director of Library Services for Internet Archive, has stated that they are ‘relaunching services as defenses are strengthened’ and noted they are working on improving firewall security and further protecting the organization's data stores.

Think you’ve been exposed?

Over 31,000,000 users had their data breached due to these attacks. It’s not unrealistic to think that your sensitive data from your organization or your personal accounts could have been leaked in similar breaches. 

Mistakes, misconfigurations, and the lack of periodic tests might lead to security gaps in any organization. If you believe your organization may be at risk of a similar event, you need to perform a security assessment to confirm. Red Sentry’s exploit engine can perform a proof of concept to confirm your vulnerability status. Reach out today for a free security scan. 

Jacob Boren
Penetration Tester

Schedule a Pentest:

Penetration Testing

Start a Free Trial:

Vulnerability Scanner