![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
archersangelThe tl;dr of this entry:
* Many legitimate older accounts have been broken into this week and used for spamming.
* This is not a security issue with Dreamwidth itself: we've confirmed the hijacked accounts were compromised through password re-use.
* Our investigation makes us think this is connected to 2020's LiveJournal security incident.
* For your safety, treat any password you have ever used on LiveJournal, on any account, at any point, as compromised.
* Do not reuse any password you have ever used on LiveJournal on any other site, but especially on Dreamwidth.
* If your Dreamwidth password is the same as any password you've ever used on LiveJournal, on any account, at any point, change it now.
* Please install a password manager, let it generate your passwords for you, and use it to remember your passwords.
the longer explanation is here.
also; if you're not subscribed to
![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
dw_news , you should be for info like this.
