In Germany, around 16 million email addresses, user names, and passwords may have been stolen, according to an announcement on Tuesday from the country's Federal Office for Information Security (BSI).
The theft was discovered through an analysis of botnets — collections of malicious software that an attacker can use to carry out tasks like collecting user information or sending spam.
Because an investigation is ongoing, the office has not released any additional information about who was responsible, or how long the attack had been going on.
The Federal Office of Information Security has set up a website where people can check if their email accounts have been compromised. Concerned internet users can submit their email address, after which they will receive a four-digit PIN number. If the email address has been compromised, the user will receive an email with a matching PIN number.
Although the office has a list of all 16 million email addresses, German law says that it cannot contact these users directly without explicit permission. The site has reportedly crashed at least once since coming online, presumably due to overwhelming demand.
The office has advised those with compromised email addresses to change their passwords to "social networking sites, online shops, email accounts and other online services" and check their computers for malware and viruses.