The Internet Archive confirmed a third security breach on October 20, 2024, marking a series of escalating cyberattacks
According to Forbes*, hackers exploited unrotated Zendesk API tokens to access the platform managing support tickets. Despite earlier warnings and multiple breaches this month, the organization failed to secure the system adequately, leaving the tokens vulnerable. As a result, attackers accessed and potentially downloaded sensitive support data, including users’ personal identification documents. This breach follows two major attacks earlier in October, further damaging the Archive’s infrastructure.
The Internet Archive failed to replace the previously stolen digital keys which has left the platform vulnerable once again to persistent attackers. Failure to clean up any exposed vulnerabilities, such as breached tokens, can lead to further problems like what we are witnessing here. Threats actors, including both the original attackers and new groups testing their (if any) new security, will continue to target a platform until a full patch is delivered and working. As a result of this latest breach, attackers were able to gain access to even more sensitive user information and once again have put their users at risk. This highlights the importance of quick reactions and protocol following a cyberattack. It is vital that companies act swiftly in a full audit as it is clear that malicious actors will come back time and time again to test their new defenses.
by Jake Moore, ESET
*ESET does not bear any responsibility for the accuracy of this information.
ESET Ireland 