The Internet Archive hackers still have access to its internal emailing tools

Photo by Amelia Holowaty Krales / The VergeEarly this morning, I received an email from “The Internet Archive Team,” replying to a message I’d sent on October 9th. Except its author doesn’t seem to have been the digital archivists’...

The Internet Archive hackers still have access to its internal emailing tools

Early this morning, I received an email from “The Internet Archive Team,” replying to a message I’d sent on October 9th. Except its author doesn’t seem to have been the digital archivists’ support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I’m not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It’s dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine—your data is now in the hands of some random guy. If not me, it’d be someone else.

Here’s hoping that they’ll get their shit together now.

The Verge left a voicemail at the Archive’s contact number asking for more information.

The Internet Archive has been slowly coming back online after the attacks and has resumed some services, including its website archive called the Wayback Machine. But its vast inventory of data, which is comprised of countless books, software, images, videos, audio, and even the digital archives of the island nation of Aruba, remains inaccessible.

The Archive team is currently “working around the clock across time zones” to bring more of the site’s services back, Internet Archive founder Brewster Kahle wrote in a blog post on October 17th. The site expects to resume more of its offerings in the “coming days,” but in read-only mode at first, “as full restoration will take more time,” according to the post.

As for why the site has been under assault, that’s still unclear. Kahle said he doesn’t know, either, in a Washington Post story yesterday. “Why kick the cat?” he added.