this post was submitted on 07 Feb 2024
149 points (98.7% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55072 readers
568 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

American nonprofit OCLC is known globally for its leading database of bibliographic records, WorldCat. A few months ago, many of these records were posted publicly by the shadow library search engine, Anna's Archive. OCLC believes that this is the result of a year-long hack and, with a lawsuit filed at an Ohio federal court, it demands damages.

WorldCat Sues Anna’s Archive

It is no secret that publishers fiercely oppose the search engine’s stated goals. The same also applies to OCLC, which has now elevated its concerns into a full-blown lawsuit, filed this month at a federal court in Ohio.

The complaint accuses Washington citizen Maria Dolores Anasztasia Matienzo and several “John Does” of operating the search engine and scraping WorldCat data. The scraping is equated to a cyberattack by OCLC and started around the time Anna’s Archive launched.

“Beginning in the fall of 2022, OCLC began experiencing cyberattacks on WorldCat.org and OCLC’s servers that significantly affected the speed and operations of WorldCat.org, other OCLC products and services, and OCLC’s servers and network infrastructure,” OCLC’s complaint notes.

“These attacks continued throughout the following year, forcing OCLC to devote significant time and resources toward non-routine network infrastructure enhancements, maintenance, and troubleshooting.”

The non-profit says that it spent roughly $68 million over the past two years developing and enhancing WorldCat records, which are an essential part of its operation. Having a copy of the data publicly available through Anna’s Archive is a direct threat to its business.

OCLC claims that Anna’s Archive unmasked itself as the “perpetrator of the attacks on WorldCat.org” when it publicly announced its scraping effort. This includes a detailed blog post the operators published on the matter, encouraging the public to use the scraped data.

In addition to harvesting data from WorldCat.org, the defendants are also accused of obtaining and using credentials of a member library to access WorldCat Discovery Services. This opened the door to yet more detailed records that are not available on WorldCat.org.

OCLC says that it spent significant time and resources to address the ‘attacks’ on its systems.

“These hacking attacks materially affected OCLC’s production systems and servers, requiring around-the-clock efforts from November 2022 to March 2023 to attempt to limit service outages and maintain the production systems’ performance for customers.

“To respond to these ongoing attacks, OCLC spent over 1.4 million dollars on its systems’ infrastructure and devoted nearly 10,000 employee hours to the same,” the complaint adds.

you are viewing a single comment's thread
view the rest of the comments
[–] isles@lemmy.world 2 points 10 months ago

the hacker obtained and used the member’s credentials to authenticate the requests to the server as a member library.

Hacking is the act of breaking into a computer system without authorization or exceeding authorized access.

This part could be hacking. Not that I care and think this is frivolous.

requiring around-the-clock efforts from November 2022 to March 2023 to attempt to limit service outages and maintain the production systems’ performance for customers.

Doesn't major hosting require 24/7 monitoring anyway? Like they should have been doing this for more than just 11/22 to 3/23.