Lawsuit Accuses Anna's Archive of Hacking WorldCat, Stealing 2.2 TB Data - Lemmy.World

> American nonprofit OCLC is known globally for its leading database of bibliographic records, WorldCat. A few months ago, many of these records were posted publicly by the shadow library search engine, Anna’s Archive. OCLC believes that this is the result of a year-long hack and, with a lawsuit filed at an Ohio federal court, it demands damages. > WorldCat Sues Anna’s Archive > > It is no secret that publishers fiercely oppose the search engine’s stated goals. The same also applies to OCLC, which has now elevated its concerns into a full-blown lawsuit, filed this month at a federal court in Ohio. > > The complaint accuses Washington citizen Maria Dolores Anasztasia Matienzo and several “John Does” of operating the search engine and scraping WorldCat data. The scraping is equated to a cyberattack by OCLC and started around the time Anna’s Archive launched. > > “Beginning in the fall of 2022, OCLC began experiencing cyberattacks on WorldCat.org [http://WorldCat.org] and OCLC’s servers that significantly affected the speed and operations of WorldCat.org [http://WorldCat.org], other OCLC products and services, and OCLC’s servers and network infrastructure,” OCLC’s complaint notes. > > “These attacks continued throughout the following year, forcing OCLC to devote significant time and resources toward non-routine network infrastructure enhancements, maintenance, and troubleshooting.” > > The non-profit says that it spent roughly $68 million over the past two years developing and enhancing WorldCat records, which are an essential part of its operation. Having a copy of the data publicly available through Anna’s Archive is a direct threat to its business. > > OCLC claims that Anna’s Archive unmasked itself as the “perpetrator of the attacks on WorldCat.org [http://WorldCat.org]” when it publicly announced its scraping effort. This includes a detailed blog post the operators published on the matter, encouraging the public to use the scraped data. > In addition to harvesting data from WorldCat.org [http://WorldCat.org], the defendants are also accused of obtaining and using credentials of a member library to access WorldCat Discovery Services. This opened the door to yet more detailed records that are not available on WorldCat.org [http://WorldCat.org]. > > OCLC says that it spent significant time and resources to address the ‘attacks’ on its systems. > > “These hacking attacks materially affected OCLC’s production systems and servers, requiring around-the-clock efforts from November 2022 to March 2023 to attempt to limit service outages and maintain the production systems’ performance for customers. > > “To respond to these ongoing attacks, OCLC spent over 1.4 million dollars on its systems’ infrastructure and devoted nearly 10,000 employee hours to the same,” the complaint adds.