Hacker News: brettdavhttps://news.ycombinator.com/user?id=brettdavHacker News RSShttps://hnrss.org/hnrss v2.1.1Sun, 03 May 2026 16:20:00 +0000<![CDATA[Hacker sends email blast to Internet Archive Zendesk support ticket submitters]]>I received the following email as a response to a long closed support email. I don’t see anything to indicate it isn’t from Internet Archive’s actual Zendesk instance.

========

The Internet Archive Team (Internet Archive) Oct 20, 2024, 05:22 CDT

It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine—your data is now in the hands of some random guy. If not me, it'd be someone else.

Here's hoping that they'll get their shit together now.

Comments URL: https://news.ycombinator.com/item?id=41894870

Points: 10

# Comments: 5

]]>Sun, 20 Oct 2024 12:21:41 +0000https://news.ycombinator.com/item?id=41894870brettdavhttps://news.ycombinator.com/item?id=41894870https://news.ycombinator.com/item?id=41894870