What happened

According to public breach records, the LiveJournal data breach on January 1, 2017 is reported to have exposed the personal information of 26,372,781 accounts.

In mid-2019, news broke of an alleged LiveJournal data breach. This followed multiple reports of credential abuse, beginning in 2018, against Dreamwidth, a fork of LiveJournal with a significant crossover in user base. The breach allegedly dates back to 2017 and contains 26M unique usernames and email addresses (both of which have been confirmed to exist on LiveJournal) alongside plain text passwords. An archive of the data was subsequently shared on a popular hacking forum in May 2020 and redistributed broadly.

Passwords in this breach were reportedly stored in plaintext.

A database of roughly 26 million LiveJournal accounts—containing email addresses, usernames, profile URLs, and passwords—began circulating widely on hacker forums around May 2020, after credential-abuse signals first surfaced against the LiveJournal fork Dreamwidth as early as 2017-2018. The passwords were reportedly stored as MD5 hashes that had been cracked back to plaintext, and the data was notable for fueling years of credential-stuffing attacks and password-extortion emails against former users. LiveJournal has never confirmed that a breach occurred or that the database is legitimate, stating the data may have been compiled from multiple sources, though the exposed usernames and email addresses have been confirmed to match real LiveJournal accounts.

What data was exposed

The following types of personal data were compromised:

  • Email addresses
  • Passwords
  • Usernames

Breach details

| Detail            | Value           |
|-------------------|-----------------|
| Breach name       | LiveJournal     |
| Date              | January 1, 2017 |
| Accounts affected | 26,372,781      |
| Domain            | livejournal.com |

This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.

We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by LiveJournal; it reflects a publicly reported security incident.

What to do now

Based on the data exposed in this breach, here are the steps you should take:

  • Change your LiveJournal password immediately, and change it anywhere you reused that same password—these credentials have actively fueled credential-stuffing attacks on other sites.
  • Turn on two-factor authentication wherever the leaked email or old password is used, so a stolen password alone can't unlock the account.
  • Treat 'I have your password' extortion emails quoting an old LiveJournal password as a scam tied to this leak—don't pay; just retire that password everywhere.
  • Watch the exposed email address for phishing, since a real email paired with a username makes targeted lures more convincing.

Check your exposure

Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
