remix logo

Hacker Remix

Hacker sends email blast to Internet Archive Zendesk support ticket submitters

10 points by brettdav 3 days ago | 5 comments

I received the following email as a response to a long closed support email. I don’t see anything to indicate it isn’t from Internet Archive’s actual Zendesk instance.

========

The Internet Archive Team (Internet Archive) Oct 20, 2024, 05:22 CDT

It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine—your data is now in the hands of some random guy. If not me, it'd be someone else.

Here's hoping that they'll get their shit together now.

koutsie 3 hours ago

I wonder what's happening in the behind the scenes of this. What info is being redacted/made up as we speak. Sure IA isn't the only one, but it sure is the largest and probably widest reaching (viability-wise) of the archival services on-line.

mickelsen 2 days ago

Why are they attacking it so bad? They are a good thing, is this a state actor, are they looking for something or they just don't care?

firefax 2 days ago

>Why are they attacking it so bad?

I can think of many people who don't like a potent OS-INT resource.

An academic once told me a story about how they had to pull out a wayback of a company's privacy policy, because when they called them out for violating it there merely edited the policy to make the behavior ok. (Without changing the "last updated" date)

It's also a potent censorship circumvention tool -- if you aren't willing to block all of IA, then it's a way to access a lot.

Hashex129542 3 days ago

I hope they'll comeback soon. They are just major part of the internet.

toomuchtodo 3 days ago

I hope IA has engaged law enforcement.