Skip to main content
  1. Home
  2. Computing
  3. News

The Wayback Machine has been hacked, and the internet isn’t happy about it

Add as a preferred source on Google
A person using a laptop with a set of code seen on the display.
Sora Shimazaki / Pexels

The Internet Archive is the type of target you’d hope never gets exposed. The organization’s Wayback Machine is a digital archive of the internet, and thus, contains an absolute goldmine of data. Yet, here we are. Data breaches and hacks happen all the time, but I’ve never seen so much vitriol toward the hackers on Twitter and Reddit than with this incident. People are already comparing it to the burning of the library of Alexandria.

So, what happened? The situation is ongoing, but here’s what we know right now, starting with the data breach. Hacking group SN_Blackmeta allegedly stole 31 million emails, passwords, and usernames from the Internet Archive’s Wayback Machine in an attack that likely occurred on September 28, 2024, according to Bleeping Computer reports.

Recommended Videos

Users discovered the breach when the following pop-up message was displayed using a JavaScript library: “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!.”

The breach was confirmed when Troy Hunt, the creator of Have I Been Pwned, told Bleeping Computer that the hackers shared the Internet Archives’ authentication database nine days ago. The database is a 6.4GB SQL file called “ia_users.sql.”

Other data stolen include Bcrypt-hashed passwords, password change time stamps, and other internal data. The latest time stamp gave the September date as the breach date. The stolen data should be added to the HIBP site so users can check if their data is compromised. So far, there is no official information on how the hackers stole the information or if any other data was compromised.

Separately, the Internet Archive owner, Brewster Khale, also confirmed a DDoS attack that brought the site down. A Distributed Denial of Service (DDoS) attack floods a website with malicious traffic to slow it or shut it down completely. According to Kahle, the first DDoS attack appears to have happened on October 8, taking archive.org down, only to have the same attack repeated on October 10.

What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords.

What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.

Will share more as we know it.

— Brewster Kahle (@brewster_kahle) October 10, 2024

The hackers have reportedly confirmed that this is not the only attack they will perform since they have confirmed additional attacks. To sum it up, the site is experiencing two types of attacks: DDoS and data breach, but right now, the two haven’t officially been linked.

The last official update from the Internet Archive was from early this morning, and archive.org remains down.

Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
YouTube’s AI-powered search is rolling out in the US to find videos based on situations you describe
Ask YouTube can find videos based on the situation or idea you describe
youtube ai search feature

YouTube users in the U.S. are getting a new way to search for videos on the web. The company has started rolling out Ask YouTube, its conversational AI search experience, beyond the Premium-only test announced at Google I/O 2026.

Instead of entering a few keywords and scrolling through a standard list of results, users can ask YouTube a complete question. The feature is designed for broader searches where the exact video, channel, or topic may not already be clear.

Read more
Meta’s detection tool fails to identify photos generated by its own Muse Image AI
Meta has created an invisible watermarking tool called Content Seal that is embedded in all images generated by the Muse Image AI.
Meta AI identification tool.

Earlier this week, Meta announced two new AI products, namely, Muse Image and Muse Video. As the name suggests, these are generative AI tools for making photos and video clips using natural language text prompts. Soon after their rollout commenced, these tools sparked controversy because Meta had automatically opted in Instagram users, allowing others to use their publicly posted media and convert them into remixed AI content. But it appears that Meta courted another loss on its side of the court.

What's the problem?

Read more
Your Google AI Studio apps can finally have polished, presentable web links
AI Studio web apps can now use personalized subdomains
google ai studio logos

Google AI Studio has made building a web app surprisingly easy. You can describe what you want, refine the design through prompts, and publish the result without setting up a traditional development environment. An awkward point of friction comes after deployment, when the finished app still has to live behind a long, forgettable Cloud Run link.

Google is now cleaning up that final step. AI Studio lets you assign a deployed web app a personalized address under the “ai.studio” domain, such as “your-app-name.ai.studio.” A recognizable URL should make the project look more presentable in a portfolio, client demo, social post, or internal project page.

Read more