Cyber security specialists have discovered a repository of around 2m passwords to Web services accounts such as Facebook, Google, Twitter and Yahoo, while investigating a Netherlands-based server, Reuters reported.

According to the cyber researchers from Trustwave's SpiderLabs, the server is a notorious command-and-control hub for botnet known as "Pony". SpiderLabs has since contacted Dutch authorities and requested that the server be taken offline.

More than 90,000 websites had been compromised and were represented among the passwords found. SpiderLabs said it had informed the most affected companies.

The data is said to include (approximate figures): 326,000 Facebook accounts, 60,000 Google accounts, 59,000 Yahoo accounts and 22,000 Twitter accounts. A wide range of countries were represented among the victims, including the United States, Germany, Singapore and Thailand.

The cyber researchers said the passwords were easily cracked because they were weak. Examples of logon credentials discovered in the data store are: "password", "admin", "123" and "1". The most common password was found to be "123456", which was used in nearly 16,000 accounts.