Purported LiveJournal Data Breach Leads to 26 Million User Records Being Stolen

In a story that seems to start in 2014, blogging platform LiveJournal appears to have suffered a data breach. The LiveJournal data breach—whose database of users’ names, email addresses and plain-text passwords was supposedly sold and traded on the Dark Web many times over the past six years—has been speculated about by several different entities.

While the LiveJournal data breach may have occurred as early as 2014, some sources can only link the database of 26 million user records with any reasonable certainty to about three years ago. In 2018, rumors of a LiveJournal data breach surfaced once again when users reported being victims of a sextortion campaign. The victims knew where the stolen information had come from because it was involved unique email addresses and password combinations that they had only used on LiveJournal.

Later, the database was discovered making the rounds on the Dark Web as various hackers used or leaked it online. The well-known data breach search site Have I Been Pwned received the LiveJournal database on May 27, 2020, and lists the formal date of the original breach as January 1, 2017. However, that could be the only verifiable time frame for this particular set of user information and not the actual data breach event date.

The LiveJournal database appears to have been posted for sale online and traded privately between hackers using it for credential stuffing attacks. In that form of attack, fraudsters gain access to usernames and passwords and try those combinations on numerous other sites. If any LiveJournal users reused their username and password on another site, the hackers – or anyone who purchased the database – would have access to those accounts as well.

With that said, not everyone who buys a database of this kind intends to steal account access. Other malicious actors use these records for spam email campaigns, phishing attacks, ransomware attacks and other harmful tactics.

Credential stuffing is a major problem in information security. With so many data breaches and compromised consumer records, reusing a password is essentially the same as failing to secure an account. For some time, security experts have recommended changing to an easy to remember, but difficult to attack, passphrase instead of the old eight-character passwords.

For its part, LiveJournal’s owner, Rambler Group, has not confirmed that a LiveJournal data breach ever occurred, despite the users’ information available online. The company claims that this database and the connection to hacking involving its other platform DreamWidth are merely coincidental and that the database of LiveJournal or DreamWidth users’ login credentials was simply gleaned through unrelated breaches or malware attacks on users’ computers and then compiled into one file. This is despite the fact that ads offering the LiveJournal database for sale are still posted online.

If someone believes they might have been impacted by a potential LiveJournal data breach, they can live-chat with an Identity Theft Resource Center expert advisor. They can also call the ITRC toll-free at 888.400.5530. Finally, they can download the free ID Theft Help App for iOS or Android to communicate with advisors via live chat, use the case management tool to track their action for resolving their data breach case, find resources for protecting themselves from further harm and much more.

---

You might also like…

Formjacking Tactics Used in FabFitFun Data Breach

Arbonne Data Exposure Compromises Thousands of Accounts

Consumers Should Watch Out for COVID-19 Job Reopening Scams