In recovering from recent cyberattacks on October 8, the Internet Archive has resumed the Wayback Machine (starting October 13) and Archive-It (October 17), and as of today (October 21), has begun offering provisional availability of archive.org in a read-only manner.
Features like uploading, borrowing, reviewing items, interlibrary loan, and other services are not yet available.
Please note that these services will have limited availability as we continue maintenance.
Hackers disclosed archive.org email and encrypted passwords to a transparency website, and also sent emails to patrons by exploiting a 3rd party helpdesk system.
To be clear, the email thing was 100% the IA’s fault, much as I love their work. BleepingComputer warned them something like two weeks in advance.
Yeah, it’s a weird blunder to not have rotated keys after being breached. I’m not familiar with how the org works but it sounds like they don’t have a dedicated security guy, which is weird for something of that size.
It isn’t. Nonprofits don’t have a ton of money, and implementing strong security controls takes money and time away from other activities. Small businesses have a lot of trouble for the same reason.
You mean have I been pwned warned them(troy), right?
This is the breach I was referring to.