It seems that safe conditions were not created even long after the attack.
The Internet Archive is still dealing with the effects of a major cyber attack that hit the platform two weeks ago. As a result of the attack, the website (including the famous Wayback Machine, which preserves old websites) was temporarily unavailable. Among the interventions, a series of DDoS attacks were carried out by the SN-Blackmeta group, but the identity of the hacker responsible for the more serious data theft is still unknown.
According to the hacker, he gained access to more than 800,000 support tickets sent through Zendesk’s system, which contain requests and questions sent by Internet Archive users. These tickets can often contain sensitive data, such as those who have requested their website be removed from the Wayback Machine – this often required verification of the identity of those involved.
In his latest attack, the hacker accused the Internet Archive of failing to update the compromised API keys, leaving sensitive data open. According to Chris Hickman, head of security firm Keyfactor, failure to update such keys is a serious vulnerability that extends the opportunity for attackers to obtain data.
Although parts of the platform have since been restored, the attack raises serious concerns about the security of user data. The Internet Archive remains a valuable tool, and many hope the institution will quickly address security flaws to prevent similar incidents in the future.
Source: www.pcwplus.hu
