Livejournal
livejournal.com
About This Breach
Blogging platform LiveJournal appears to have suffered a security breach in 2014, according to multiple hackers who are selling and freely trading the company's user database on the dark web and on hacking forums. LiveJournal credentials were obtained in a 2014 hack, but leaked online much later. The company says hackers used old LiveJournal username and password combinations to breach DreamWidth accounts -- since the two platforms share the same codebase and users -- and post spam messages on its site.Exposed data includes email address, plain text passwords & usernames.
Data Exposed
Breach Details
| Breach Type | Data Breach |
| Searchable | Yes |
| Verified | Yes |
| Sensitive Data | No |
| Reference | https://www.cpomagazine.com/cyber-security/recently-discovered-livejournal-breach-has-been-fueling-credential-stuffing-attacks-for-six-years/ (opens in new tab) |
Frequently Asked Questions
When did the Livejournal data breach happen?
Livejournal was breached in Jan 2017. The breach was added to the XposedOrNot index on November 8, 2023.
How many records were exposed in the Livejournal breach?
26,368,201 records were exposed, making it the #66 largest of the 763 breaches in our index.
What data was exposed in the Livejournal breach?
The exposed data includes: Email addresses, Usernames, Passwords.
What should I do if I was affected by the Livejournal breach?
Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.
More Entertainment Breaches
What Should You Do?
Change Your Passwords
Update your password immediately, using 12+ characters with numbers and symbols.
Enable Two-Factor Authentication
Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.
Monitor Your Accounts
Set up login alerts and review account activity regularly for suspicious access.
Use a Password Manager
Never reuse passwords: use a password manager to generate unique ones for each account.