Data leak
Internet Archive (Wayback Machine) data breach
Incident Details
Threat actor (SN_BlackMeta, linked to pro-Palestinian hacktivist movement) defaced archive.org with a JavaScript alert and simultaneously exfiltrated a 6.4 GB SQL file ‘ia_users.sql’ containing 31 million user records (email addresses, screen names, bcrypt password hashes, timestamps). Breach data current to 28 September 2024; disclosed 9 October when defacement appeared on site. Data shared with Have I Been Pwned; 54% of records already in HIBP. Internet Archive confirmed archival material was safe. A simultaneous DDoS attack also disrupted service.
Technical Details
- Initial Attack Vector: CWE-312: Cleartext Storage of Sensitive Information (authentication database exfiltrated; separately DDoS and defacement via JavaScript injection)
- Vendor / Product: Internet Archive / archive.org
Timeline
- 2024-09-28 Breach occurred
- 2024-10-09 Publicly disclosed
- 2024-10-09 Customers notified