Security News > 2021 > April > 3.2 Billion Leaked Passwords Contain 1.5 Million Records with Government Emails
A staggering number of 3.28 billion passwords linked to 2.18 billion unique email addresses were exposed in what's one of the largest data dumps of breached usernames and passwords.
The leak includes 1,502,909 passwords associated with email addresses from government domains across the world, with the U.S. government alone taking up 625,505 of the exposed passwords, followed by the U.K, Australia, Brazil, and Canada.
The passwords are said to have been obtained via techniques such as password hash cracking after being stolen or through phishing attacks and eavesdropping on insecure, plaintext connections.
There's no evidence that the breached passwords were used to carry out the cyberattack in February.
In contrast, only 18,282 passwords related to Chinese government domains and 1,964 passwords from those related to Russia were laid bare.
Users who have had their information exposed are strongly advised to change their existing passwords.