An investigation by Bellingcat found close to 800 Hungarian government email addresses and their associated passwords circulating in public breach databases, including accounts linked to the Ministry of Interior, the Ministry of Defense, and NATO-affiliated personnel. [1] The passwords discovered include "Snoopy," "Adolf," and variations on the word "Password" — the kind of credentials that any automated credential-stuffing attack identifies in seconds. [1]

The exposure is not a single hack. The credentials appear across multiple breach dumps accumulated over years — the consequence of officials using work email addresses to register for third-party services that were later compromised. [1] The pattern is consistent with how many large-scale credential exposures occur: not through direct breaches of government systems, but through the leaked databases of peripheral platforms.

Hungary's position inside NATO makes the security implications more than domestic. Members of NATO share intelligence and use common systems; a compromised credential belonging to a defense ministry official is a potential entry point into shared infrastructure. [2] Hungary under Viktor Orbán has already attracted scrutiny over its relationship with Moscow — the credential exposure arrives at a moment when that scrutiny is running particularly high.

Bellingcat published its findings alongside the passwords and usernames in an anonymized format sufficient to verify the pattern without enabling further exploitation. [1] Hungarian government officials had not publicly responded to the findings at the time of publication.

-- KATYA VOLKOV, Moscow