“Internet Archive Breached Again through Stolen Access Tokens”, 2024-10-20 ():
…Breached for cyber street cred: After the Internet Archive was breached, conspiracy theories abounded about why they were attacked. Some said Israel did it, the United States government, or corporations in their ongoing battle with the Internet Archive over copyright infringement. However, the Internet Archive was not breached for political or monetary reasons but simply because the threat actor could.
There is a large community of people who traffic in stolen data, whether they do it for money by extorting the victim, selling it to other threat actors, or simply because they are collectors of data breaches.
This data is often released for free to gain cyber street cred, increasing their reputation among other threat actors in this community, as they all compete for who has the most important and most publicized attacks.
In the case of the Internet Archive, there was no money to be made by trying to extort the organization. However, as a well-known and extremely popular website, it definitely boosted a person’s reputation amongst this community. While no one has publicly claimed this breach, BleepingComputer was told it was done while the threat actor was in a group chat with others, with many receiving some stolen data. This database is now likely being traded amongst other people in the data breach community, and we will likely see it leaked for free in the future on hacking forums like Breached.