Live Journal, Five Tier and others fall victim of data leaks.

A total of 4 breach events were found and analysed resulting in 26,519,417 exposed accounts containing a total of 3 different data types of personal datum . The breaches found publicly and freely available included Live Journal, Five Tier, iT Pro and Soul Mates. Sign in to view the full library of breach events which includes, where available, reference articles relating to each breach.

Data Breach Analysis

The breached platforms include LiveJournal, Five Tier, iT Pro, and Soul Mates. Each represents a different sphere of digital interaction: social publishing, marketing technology, IT news and services, and online dating, respectively.

LiveJournal is one of the older blogging and journaling platforms on the internet, dating back to the early 2000s. Though its popularity has declined over the years, it still has a user base that includes writers, niche community groups, and users in regions such as Russia, where it remains more active. The breach associated with LiveJournal has circulated widely for years, with claims suggesting that over 26 million user records were compromised.

Due to its longevity, many users may no longer remember that they ever created a LiveJournal account. This creates a hidden vulnerability, especially for those who used the same password elsewhere. Attackers commonly use such legacy credentials in credential stuffing attacks on modern services, hoping for password reuse. Additionally, due to LiveJournal's nature as a semi-public personal platform, compromised accounts could also reveal links to posts or journals that users assumed were private or forgotten.

Five Tier is a marketing automation and media distribution company that serves businesses looking to optimise customer communication through digital signage, messaging, and mobile engagement. While it’s a more niche provider compared to mainstream CRMs or ad platforms, any breach involving marketing services carries risk due to the kinds of customer and business metadata that may be exposed.

The concern with such a breach is twofold. First, attackers gaining access to business emails can use them to conduct phishing campaigns that appear credible due to their origin. Second, a compromised Five Tier account could allow for unauthorised access to communication workflows or ad campaigns, potentially damaging a company’s reputation or allowing malicious actors to manipulate outbound messaging.

iT Pro, a technology news and professional services platform, caters to IT decision-makers, system administrators, and tech executives. While this may not seem particularly sensitive at first glance, IT-focused platforms often become secondary targets in supply chain attacks. For example, attackers may use these credentials to impersonate professionals in the tech industry or to initiate dialogue with other IT stakeholders under false pretences.

Moreover, if leaked credentials from iT Pro are reused on corporate systems or other technology vendor accounts, the damage could escalate significantly. Even the perception that a senior IT professional has been compromised can undermine trust or invite additional targeted attacks, such as spear-phishing or LinkedIn-based impersonation.

Soul Mates is an online dating platform that targets individuals looking for long-term connections rather than casual encounters. Unlike more gamified or swipe-based dating apps, Soul Mates tends to attract users seeking meaningful connections, often sharing more personal details in the process.

Dating platforms carry an inherent sensitivity. Even if the breach didn’t include chat logs or profile content, the mere knowledge that a user was active on the platform could be personally damaging, especially for individuals in conservative communities or those with public reputations. Furthermore, attackers could use dating platform breaches to engage in highly targeted extortion, catfishing, or identity fraud.

Despite the relatively small number of data types involved, the breach is still high impact due to the volume and the diversity of industries. Together, these platforms span personal expression, professional communication, enterprise marketing, and intimate relationships. In essence, they represent a cross-section of a user's personal, professional, and emotional identity online.

Another point of interest is that many of these accounts may belong to older users who are less likely to practice modern cybersecurity hygiene. Legacy users may still be using passwords created more than a decade ago, and are less likely to have adopted two-factor authentication, making them especially vulnerable to account takeovers.

The exposure of over 26 million accounts also has broader implications for threat actors engaged in building identity graphs, comprehensive models of individuals’ digital presence. Email addresses are often the common thread linking these platforms together, and when they surface in breaches, they become entry points for larger, automated campaigns that test passwords across hundreds of services.

For researchers and observers, this breach set offers an opportunity to examine how personal and professional lives are increasingly entangled in online platforms that may not appear related on the surface. Whether someone joined LiveJournal in 2007, subscribed to IT Pro in 2015, created a marketing dashboard on Five Tier in 2020, or joined Soul Mates during the pandemic, each service now forms a node in their broader digital identity.