The scam has been masterminded by the same team who crippled the CIA's website just days ago, who call themselves Lulz Security.
More than 62,000 passwords, log-ons and email addresses have been made available to Twitter users – massively compromising the security of vast numbers of Paypal and Facebook accounts.
Lulz Security are actively encouraging people to use the details to make fraudulent online purchases.
In just four minutes after the security passwords were published 21,000 people attempted to download them and Twitter was awash with claims from people who said they had used them successfully.
Lulz Security have been blamed for attacks on Sony, Nintendo, the US Senate, the US Public Broadcasting System but this is their most sinister stunt to date.
The shadowy group said they had 'just done it for kicks' and added: “Releasing 62,000 possible account combinations is the loot for creative minds to scour; think of it like digging a very unique mineshaft.”