On October 9, 2024, the Internet Archive disclosed that it had suffered a data breach affecting approximately 31 million user records. The breached data included usernames, email addresses, and bcrypt-hashed passwords, along with timestamps indicating when the affected users last changed their passwords.
Exposed GitLab Configuration File
The data breach was facilitated by an exposed GitLab configuration file containing an authentication token, which had been publicly available online since at least December 2022. This token allowed the threat actors to download the Internet Archive’s source code, which in turn contained additional credentials and authentication tokens for the organization’s database management system.
