Almost a thousand of Hungarian government credentials leaked online

Nearly 800 Hungarian government email addresses and their associated passwords have been discovered circulating online, according to an investigation by Bellingcat. The findings have raised serious questions about cybersecurity practices within key state institutions.

The open-source analysis identified 795 unique email-password combinations linked to official Hungarian government domains. Alarmingly, 12 out of Hungary’s 13 ministries were affected, including departments responsible for defence, foreign affairs and economic policy. Some of the exposed accounts belonged to individuals working in highly sensitive roles, including military officers, diplomats and cybersecurity specialists.

Great power, but no responsibility

Among those affected were a senior military official tasked with information security, a counter-terrorism coordinator within the foreign ministry, and an employee responsible for identifying hybrid threats against the country. The exposure of such accounts highlights the potential risks posed by inadequate digital safeguards, reports Bellingcat.

The leaked data was not limited to login credentials. In several cases, additional personal information—such as phone numbers, addresses, dates of birth and IP addresses—was also included in breach databases. Such data could be exploited for further cyberattacks or identity theft.

Hungarian government failed to disrupt Tisza Party with spy-software? No problem, they got another.

Poor digital hygiene at the Hungarian government

Despite the scale of the leak, the findings do not indicate a sophisticated hack of government systems. Instead, experts point to poor “digital hygiene” among users. Many officials reportedly used weak and easily guessable passwords, including variations of “password”, simple number sequences, or even their own names.

In some instances, these Hungarian government email addresses were used to register on non-work-related platforms such as dating, entertainment or sports websites. This practice significantly increases the likelihood of credentials being exposed in unrelated data breaches.

Cybersecurity specialists stress that basic precautions—such as using strong, unique passwords and enabling multi-factor authentication—could have prevented many of these incidents.

In case you missed it: “Betrayal”: Hungary’s government heavily criticised by France for co-operating with Russia.

Malware and Data Synchronisation Risks

Further analysis revealed that some breaches may have been linked to malware infections. So-called “infostealer” programs can harvest saved login credentials from infected devices. Modern browsers, which often synchronise saved passwords across devices via cloud services, can inadvertently amplify the problem.

For example, if a user saves login details on a work computer and those credentials sync to a personal device that later becomes compromised, the data may be leaked from there. Experts suggest that stricter controls on password storage and synchronisation could reduce such risks.

Unfortunately, this is not a one-off, but a pattern of problems

This is not the first time Hungary’s digital security has come under scrutiny. In 2022, investigative reports revealed that Russian intelligence services had gained access to the IT systems of the foreign ministry. Although officials initially denied the breach, later documents suggested that the attack was both extensive and long-running.

The latest revelations are likely to reinforce concerns that cybersecurity has not been treated as a priority within the Hungarian government’s institutions. Analysts argue that without proper safeguards and monitoring systems, even low-level vulnerabilities can lead to significant risks.

The incident shows the need for stronger measures

Experts emphasise that governments handling sensitive data must adopt stricter security standards. These include enforcing complex password policies, implementing multi-factor authentication, and continuously monitoring for compromised credentials.

The case also illustrates how attackers often exploit the weakest link—individual users—rather than attempting to break into well-defended systems directly. As such, improving awareness and training among staff may be just as important as investing in advanced technology.

Featured image: depositphotos.com