Hours later, Brewster Kahle, chairman of the group at the Internet Archive confirmed the attack on X. “Sorry, but the DDOS people are back and knocking and they’re offline,” he said in the post. “@internetarchive monitors and prioritizes keeping data safe at the cost of service availability.”
In a subsequent post, however, Kahle said “DDoS is currently protected.” It was done, he explained, by disabling the affected JS library, scrubbing programs, and improving security.
A failed rotation led to a second meltdown
In emails users received on Sunday, the threat actor said the stolen tokens could still be used since the Internet Archive had not circulated them. This includes a “ZenDesk token with permissions to access the 800k+ support tickets sent to [email protected] since 2018.”
Source link