Since 2014
LiveJournal is a classic networking site even before Facebook. This social and blogging platform was painted to suffer a data breach back in 2014 but never confirmed officially. Yet, there are rumors again that the stolen database from 2014 was traded in hacking forums on the dark web. And now, many are acknowledging this breach to be real, as the database is circulating online for free! Many cybersecurity researchers and few users even have found LiveJournal’s stolen database containing 33+ million records online. It was shared across many hacking forums, underground groups, and even on Telegram! After filtering the database by removing duplicates, the actual records count up to 26.3 million unique user records. It contains usernames, passwords, email addresses, and profile URLs. Though the passwords are first encrypted with MD5 hashes, they’re now converted to plaintext.
LiveJournal Denies!
Though many have seen and even verified some of the records to be true, LiveJournal denies acknowledgment of breach. On the other hand, Dreamwidth Studios, a fork from LiveJournal years ago, has just reported being experiencing credential stuffing attacks. As both the LiveJournal and Dreamwidth shares the same code infrastructure, it’s possible that credentials stolen from LiveJournal can be used on Dreamwidth platform.
— definitely not a hugo award winning fanfic author (@rahaeli) May 26, 2020 Further, Troy Hunt from HaveIBeenPwnd has responded from many reports and added the breached database to his HIBP site. Thus, any LiveJournal user thinking of being compromised can check their status in HaveIBeenPwnd site with their login email. And if found to be compromised, change the credentials right away. Via: ZDNet | BleepingComputer