The passwords were stored with no scrambling or hashing
Login names and passwords for more than 98 million users of the Russian Rambler.ru email service have reportedly been stolen and put online.
The data included email addresses and passwords that had been stored without any protection, a security firm said.
Leaked Source said the massive cache of credentials dated from 2012 but had only now been leaked and put online.
And it had come from a hacker who had supplied security firms with 43 million user names from music service Last.fm.
Rambler has been described as the Russian equivalent of Yahoo as it offers email services as well as acting as a news and content hub for its users.