Great point on the email, yeah. Earlier I did a quick search on email domain names, and found (IIRC) a few thousand .mil and .gov addresses. Sampling from those, the email addresses were mostly wallet-name@whatever.
That Jan 25 date is interesting, because Denise has seen a claim for June/July 2014.
But I have just now realized a different way to check! The dump doesn't just contain emails, usernames, and passwords. It also appears to contain user IDs, which are sequential numbers, starting with 1 for bradfitz. They are also public information and can be seen on profile pages to verify. cut -d' ' -f1 ~/tmp/lj-breach-2014.txt | sort -rn | head gives me the largest IDs. The newest 3 are all purged accounts, but I checked the profile of the 4th newest and it says "Account Created on 31 May 2012".
In 2018, I think we narrowed the window to roughly "2011 to 2014", but now I'd bet money on May 2012.
no subject
That Jan 25 date is interesting, because Denise has seen a claim for June/July 2014.
But I have just now realized a different way to check! The dump doesn't just contain emails, usernames, and passwords. It also appears to contain user IDs, which are sequential numbers, starting with 1 for bradfitz. They are also public information and can be seen on profile pages to verify.
cut -d' ' -f1 ~/tmp/lj-breach-2014.txt | sort -rn | headgives me the largest IDs. The newest 3 are all purged accounts, but I checked the profile of the 4th newest and it says "Account Created on 31 May 2012".In 2018, I think we narrowed the window to roughly "2011 to 2014", but now I'd bet money on May 2012.