Hundreds of U.S. government and military personnel allegedly had their personal information released to the web by a group calling themselves the “Islamic State Hacking Division."

The information contained names, email addresses, passwords (unencrypted of course), phone numbers, etc. It would be a horrible leak, but there are questions as to the legitimacy of the data.

The leak includes hundreds of people who don't actually live in the United States. Furthermore, some of the plaintext passwords are hilariously weak – like “david8″ weak.These are hardly the kind of passwords that would be accepted by a government network. A US Department of Defense source, speaking on condition of anonymity, said the listed passwords are not strong enough to be used on official systems.

So the hack could be legit, but the type of information released could be scraped together from all over the web.

The Department of Defense would not confirm anything at this time.

Source: Avira