Recently Discovered LiveJournal Breach Has Been Fueling Credential Stuffing Attacks for Six Years

[InfoSec News <alerts () infosecnews org>]

https://www.cpomagazine.com/cyber-security/recently-discovered-livejournal-breach-has-been-fueling-credential-stuffing-attacks-for-six-years/

By Scott Ikeda
CPO Magazine
June 8, 2020

Anyone who had a LiveJournal account circa 2014 should make certain that they
aren’t still using the same password for any other accounts. A record of 26
million LiveJournal usernames and plaintext passwords was just submitted to Have
I Been Pwned, but it is not a new breach. This hack occurred nearly six years
ago and has been kept quiet as it has been sold from one underground source to
another, not becoming visible to the general public until mid-2019. It appears
to have been fueling credential stuffing attacks connected to brute-force
botnets during this time, with the bulk of the activity directed at
LiveJournal’s new social media service Dreamwidth.


The 2014 LiveJournal breach

At some point in 2014, what appears to be a total breach of all of LiveJournal’s
accounts occurred. The hackers obtained the usernames, email addresses and
passwords of over 26 million site users. Given that was more than double the
amount of active users the site had at the time, it is reasonable to assume that
the breach exposed the personal data of users going back some years prior to
2014 (LiveJournal first launched in 1999).

The passwords were encrypted with MD5, which is relatively easy and fast to
decrypt with brute force methods. The leaked files found in the wild recently
already had all of the passwords converted to plain text.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_