The Internet Archive was crippled by DDoS attacks

The Internet Archive was hit by a series of DDoS attacks this week that took the service offline. The edge I noticed a popup on the website today as the online database went down. The popup has now disappeared, but the website is currently unavailable.

According to security researcher Troy Hunt, the DDoS attack came just as the Internet Archive was preparing to reveal a previous breach of its website that resulted in the theft of more than 31 million records. Hunt, who runs the service haveibeenpwned, said the timing of the two attacks appeared to be “completely coincidental” and that “multiple parties” were likely involved. “It’s clearly not just an attack,” he wrote.

Internet Archive founder Brewster Kahle has posted updates on the attacks on X. The latest news is simply that the team is trying to get the site back online. A DDoS organization called Blackmeta claimed responsibility for the attacks with the confusing message that the platform “belongs to the USA.” The Internet Archive is a nonprofit organization headquartered in San Francisco that provides free access to an extensive software and media library and hosts the Wayback Machine web archive. The message also referenced the stolen records, with “HIBP” referring to Hunt's haveibeenpwned site, which tracks compromised accounts.

This isn't the first time the Archive has been the target of DDoS attacks, but this week's attacks are the latest in a string of bad news for the Internet Archive. The platform is engaged in a legal battle over e-book copyrights and recently lost its appeal to the US Court of Appeals for the Second Circuit.

Update as of October 9, 2024, 7:25 p.m. ET: This story has been updated with additional information from security researcher Troy Hunt.