Bellingcat's investigation found nearly 800 Hungarian government email and password pairs circulating in breach dumps, spanning ministries including defense and foreign affairs. Passwords used by officials were notably weak — examples include 'FrankLampard', '123456aA', and 'linkedinlinkedin' — and were reused across third-party services. The breach also includes data from a 2023 NATO eLearning platform compromise. Infostealer logs tied to dozens of machines, some from as recently as last month, suggest some devices may have been actively compromised rather than just caught in old leaks. The incident highlights poor basic security hygiene at the government level, with no sophisticated attack techniques required.
Sort: