The Internet Archive has experienced another data breach, this time through their Zendesk email support platform.
“It’s dispiriting to see that even after being made aware of the breach weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets,” reads an email from the threat actor.
“As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to [email protected] since 2018.”
“Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine your data is now in the hands of some random guy. If not me, it’d be someone else.”
The emails received by users were verified as legitimate, passing all necessary authentication checks.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.