![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Yup.
I'm signed up with haveIbeenpwned.com to receive notifications of data breaches, and have received official notification that my account was included in the Livejurnal breach from 2017. I'm not taking any action right now because when the rumors started swirling about there being one a few weeks ago, I logged in and changed my passwords then. (And by 2017 I'd switched to randomly-generated passwords of 15+ characters and keeping them in 1password so I never have to actually remember them, so nothing else of mine was compromised.)
Still, if you haven't changed your LJ password since then, you need to. Especially if you reuse passwords.
Still, if you haven't changed your LJ password since then, you need to. Especially if you reuse passwords.
no subject
I just checked. Crap.
LiveJournal: In mid-2019, news broke of an alleged LiveJournal data breach. This followed multiple reports of credential abuse against Dreamwidth beginning in 2018, a fork of LiveJournal with a significant crossover in user base. The breach allegedly dates back to 2017 and contains 26M unique usernames and email addresses (both of which have been confirmed to exist on LiveJournal) alongside plain text passwords. An archive of the data was subsequently shared on a popular hacking forum in May 2020 and redistributed broadly. The data was provided to HIBP by a source who requested it be attributed to "nano@databases.pw".
no subject
no subject