NordPass and NordStellar have uncovered a significant exposure of passwords belonging to U.S. civil servants, according to recent research. The study revealed that 53,070 passwords have been found in publicly accessible sources since the start of 2024. The Department of State was the most affected, with 15,272 exposed passwords, followed by the Department of Defense with 1,897 and the U.S. Army with 1,706. Additionally, seven compromised passwords were linked to White House employees.
Karolis Arbačiauskas from NordPass emphasized the potential risks: "Exposure of sensitive data, including passwords, of civil servants is particularly dangerous. Compromised passwords can affect not only organizations and their employees but also large numbers of citizens." He added that these incidents could threaten national strategic interests.
The research identified recurring passwords due to multiple incidents involving a single email address or shared use among individuals. A total of 2,241 unique passwords were documented across various institutions.
Despite perceptions that national institutions are better protected against cyber threats than local ones, many exposed passwords belonged to state and regional employees. However, federal entities like those shaping foreign affairs and defense policies remain targets for cybercriminals.
Arbačiauskas noted that the number of leaked passwords doesn't necessarily indicate an organization's security strength: "These figures are often influenced by external factors." Larger organizations have larger digital footprints, which increases their exposure risk during breaches.
The study also highlighted weak password practices among some civil servants but acknowledged that many officials adhere to strong password protocols due to organizational cybersecurity policies.
Arbačiauskas warned about potential access threats if exposed passwords aren't changed or if multi-factor authentication isn't enabled: "We found hundreds of thousands of email addresses with other exposed data like names... This data can be exploited for phishing attacks."
NordPass advises creating strong and unique passwords for each account and implementing multi-factor authentication as key protective measures.
NordPass collaborated with NordStellar on this research, which spanned several countries including the U.S. and monitored over 5,500 organizations for password exposures between 2024 and 2025. They informed all affected organizations prior to public disclosure.
