More than a dozen top officials set to take office as part of President-elect Donald Trump's administration have already had their personal data hacked over the past four years, leading to fears sensitive government data could be put at risk in the future.
Passwords used by key players in Trump's cabinet, including his cybersecurity advisor, Rudy Giuliani, are reportedly included within the datasets of major breaches that emerged last year from websites including Dropbox and LinkedIn, which exposed millions of user accounts in total.
An investigation conducted by Channel4 News uncovered passwords linked to at least 14 appointees chosen for key roles including secretary for labour, secretary for the interior, director of Oval Office operations and the press secretary.
A number of these so-called "mega-breaches", which also included social media and networking websites such as MySpace and Tumblr, ended up for sale on the Dark Web. Channel4 News said the passwords were available for as little as $4 (£3).
Additionally, the probe turned up a number of passwords used by Lt Gen Michael Flynn, the former military intelligence officer who will be taking up the role as national security advisor after the inauguration on Friday 20 January.
The revelation has led to fears that if officials have reused their passwords on other online accounts, sensitive – even classified – information may be put at risk.
Troy Hunt, a cybersecurity expert who runs breach notification website HaveIBeenPwned.com, said the password leaks of such high-profile (and high-target) officials could be a security nightmare.
"Let's say someone from Trump's team has data leaked and it appears on a totally unrelated forum somewhere and someone takes those credentials and accesses the individual's Gmail," said Hunt.
"If this is an individual in a position of power or influence they may well have discussions in their personal mail that could be compromising. And if they don't then the attacker who gains access to that Gmail may then use that account to begin a conversation with other people in the contact list, impersonate them, and elicit information from other individuals. It then just opens up a door to a raft of much bigger problems."
Throughout the 2016 election campaign, cybersecurity became a major talking point following the cyberattack against the Democratic National Committee (DNC) in June. The US Intelligence Community (IC) firmly believes this was orchestrated by Russian hackers.
Yet experts, from both the US government and private cybersecurity firms, believe the DNC hack was only one part of a much larger operation: to influence the outcome of the election and help get Trump into the position of commander-in-chief.
In his first press conference of 2017, Trump slammed Democratic Party officials for having weak cybersecurity practices. "They did a very poor job, and they could have had hacking defence which we had," he said.
Most recently, Trump's cybersecurity advisor, Rudy Giuliani, was criticised after his own website was found to be littered with vulnerabilities, including an expired SSL encryption and an exposed CMS login page. Later, the website was mysteriously taken offline.