31 million Users Exposed: Inside the Massive Hack That Shook the Internet Archive

The recent cyberattack on the Internet Archive brings back haunting memories of ancient disasters — like the fiery fall of Nalanda University’s library in India. Imagine: for three straight months in the 12th century, the flames of Nalanda roared, fueled by thousands of manuscripts on science, math, philosophy, and literature. This blaze, ignited by Bakhtiyar Khilji’s forces, effectively erased a millennium of wisdom from history, taking with it a glimpse of humanity’s collective understanding. Fast forward nearly a thousand years, and this spirit of knowledge preservation lives on in digital form through the Internet Archive. But in early October 2024, it too faced a figurative “flame” in the form of an intense cyberattack. Though there were no literal flames, the event revealed vulnerabilities that could disrupt public access to history on a large scale.

The hack, orchestrated by a group calling themselves “SN_Blackmeta,” compromised sensitive data of 31 million users, targeting databases that house everything from account details to critical metadata. SN_Blackmeta didn’t stop at simply breaching the Archive’s data; they launched distributed denial-of-service (DDoS) attacks, flooding its servers and rendering the platform unusable. The Internet Archive’s team, which generally operates under the radar, was suddenly thrust into a crisis, scrambling to disable JavaScript libraries, strengthen its infrastructure, and restore services. For an organization that functions as a free library, this attack underscored just how vulnerable these modern “temples of knowledge” are.

Technically, the attack was complex. Beyond just a brute-force database attack, SN_Blackmeta’s strategy utilized DDoS attacks to overwhelm the Archive’s public-facing interfaces, ensuring users couldn’t access data during the initial phases. Cybersecurity expert Troy Hunt spotted the breach on September 30 and reported it to the Archive on October 6, prompting a multi-layered response, including a full shutdown of affected systems.

The implications are vast. The Internet Archive, a nonprofit organization with limited funds, has a difficult task: protecting a vast trove of digital records on a budget more fitting of a small library than a major tech institution. While it’s one thing to hack corporate data, it’s another to target a platform devoted to the public good. For a group like SN_Blackmeta, this choice reflects either a disregard for public resources or perhaps even an agenda to erase information — much like the fires that destroyed ancient libraries.

The attack serves as a wake-up call to those who rely on digital archives for both research and remembrance. For the users, it’s a reminder to vary passwords and ensure data security even on sites as benign as digital libraries. For the Archive, it signals a need for greater support and cybersecurity resilience, underscoring that modern knowledge isn’t as secure as we often assume.

Written By: Arya Raval