Thousands of Government Email Credentials Exposed on the Dark Web
Researchers at Proton have uncovered a widespread leak of official government email credentials, including plaintext passwords, on the dark web. The breach affects public officials globally, with the UK experiencing the highest exposure rate 68% of its House of Commons members had their email addresses compromised, and 284 passwords were exposed, 216 in plaintext.
In the U.S., 67% of state legislators’ emails appeared in breach datasets, with Massachusetts seeing the highest exposure (84% of its officials). New Hampshire had the most passwords leaked, while Arizona and Oklahoma had every legislator’s email compromised at least once. Additionally, 20% of U.S. political staffers’ official emails were exposed, with 1,848 credentials fully compromised.
Spain fared better, with only 39 of its 615 politicians’ emails leaked and just nine passwords exposed in plaintext.
The risks of such leaks are severe. Without multi-factor authentication (MFA), attackers could access sensitive government communications, leading to reputational damage, blackmail, or further phishing attacks. Reused passwords could also grant access to critical government systems. While many governments now mandate MFA, the exposure of credentials remains a significant security threat.
Senado cybersecurity rating report: https://www.rankiteo.com/company/senado
State of Arizona cybersecurity rating report: https://www.rankiteo.com/company/state-of-arizona
State of Oklahoma cybersecurity rating report: https://www.rankiteo.com/company/state-of-oklahoma
"id": "SENSTASTA1775839715",
"linkid": "senado, state-of-arizona, state-of-oklahoma",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '68% of members (emails), 284 '
'passwords (216 in plaintext)',
'industry': 'Public Sector',
'location': 'United Kingdom',
'name': 'UK House of Commons',
'type': 'Government'},
{'customers_affected': '67% of state legislators '
'(emails), 1,848 credentials '
'fully compromised (political '
'staffers)',
'industry': 'Public Sector',
'location': 'United States',
'name': 'U.S. State Legislators',
'type': 'Government'},
{'customers_affected': '84% of officials (emails)',
'industry': 'Public Sector',
'location': 'Massachusetts, United States',
'name': 'Massachusetts State Officials',
'type': 'Government'},
{'customers_affected': 'Most passwords leaked',
'industry': 'Public Sector',
'location': 'New Hampshire, United States',
'name': 'New Hampshire State Officials',
'type': 'Government'},
{'customers_affected': '100% of legislators (emails)',
'industry': 'Public Sector',
'location': 'Arizona, United States',
'name': 'Arizona State Legislators',
'type': 'Government'},
{'customers_affected': '100% of legislators (emails)',
'industry': 'Public Sector',
'location': 'Oklahoma, United States',
'name': 'Oklahoma State Legislators',
'type': 'Government'},
{'customers_affected': '39 of 615 politicians (emails), '
'9 passwords in plaintext',
'industry': 'Public Sector',
'location': 'Spain',
'name': 'Spanish Politicians',
'type': 'Government'}],
'attack_vector': 'Credential Leak',
'data_breach': {'data_encryption': 'No (plaintext passwords exposed)',
'personally_identifiable_information': 'Email addresses, '
'passwords',
'sensitivity_of_data': 'High (government communications)',
'type_of_data_compromised': 'Email credentials, plaintext '
'passwords'},
'description': 'Researchers at Proton have uncovered a widespread leak of '
'official government email credentials, including plaintext '
'passwords, on the dark web. The breach affects public '
'officials globally, with the UK experiencing the highest '
'exposure rate (68% of its House of Commons members had their '
'email addresses compromised, and 284 passwords were exposed, '
'216 in plaintext). In the U.S., 67% of state legislators’ '
'emails appeared in breach datasets, with Massachusetts seeing '
'the highest exposure (84% of its officials). New Hampshire '
'had the most passwords leaked, while Arizona and Oklahoma had '
'every legislator’s email compromised at least once. '
'Additionally, 20% of U.S. political staffers’ official emails '
'were exposed, with 1,848 credentials fully compromised. Spain '
'fared better, with only 39 of its 615 politicians’ emails '
'leaked and just nine passwords exposed in plaintext. The '
'risks of such leaks are severe, including potential access to '
'sensitive government communications, reputational damage, '
'blackmail, or further phishing attacks.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': 'Email credentials, plaintext passwords',
'identity_theft_risk': 'High',
'operational_impact': 'Potential unauthorized access to sensitive '
'communications',
'systems_affected': 'Government email systems'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'lessons_learned': 'Lack of MFA and password reuse pose significant security '
'risks for government entities.',
'post_incident_analysis': {'corrective_actions': 'Enforce MFA, audit password '
'security, monitor for '
'credential leaks',
'root_causes': 'Credential leaks on the dark web, '
'lack of MFA, password reuse'},
'recommendations': 'Enforce Multi-Factor Authentication (MFA) for all '
'government email accounts and implement password security '
'best practices.',
'references': [{'source': 'Proton Research'}],
'response': {'remediation_measures': 'Multi-Factor Authentication (MFA) '
'recommended',
'third_party_assistance': 'Proton (researchers)'},
'title': 'Thousands of Government Email Credentials Exposed on the Dark Web',
'type': 'Data Breach',
'vulnerability_exploited': 'Lack of Multi-Factor Authentication (MFA)'}