Lulz Security said the passwords belonged to members of the Atlanta chapter of Infragard, a public-private partnership devoted to sharing information about threats to U.S. physical and Internet infrastructure.
Copies of the purported passwords which appear to belong users from the U.S. Army, cybersecurity organizations and communications companies were swiftly posted online.
The group also claimed to have used one of the passwords to steal nearly 1,000 work and personal emails from the chief executive of Wilmington, Delaware-based Unveillance LLC.
In a statement, Lulz Security claimed it was acting in response to a recent report that the Pentagon was considering whether to classify some cyberattacks as acts of war.
It wasn’t immediately possible to verify all of the hackers’ claims, although the FBI said Sunday that it was aware of the incident and that steps were being taken to mitigate the damage.
Infragard’s website was briefly defaced before being taken down over the weekend. It remained “under construction” Sunday. Emails sent to Infragard and several of its members weren’t immediately returned.
Lulz Security describes itself as a group which attacks weakly-protected websites for fun and sport.
Earlier Sunday, Nintendo said it had been targeted in a recent attack claimed by Lulz Security. On Thursday, the group boasted of a breach which saw as many as tens of thousands of Sony users’ details posted to the Internet.
Lulz Security has claimed credit for defacing the PBS website after the broadcaster aired a documentary seen as critical of WikiLeaks founder Julian Assange.
Emails and other messages seeking comment from the group over the past few days have gone unanswered, although it maintains an active presence on microblogging site Twitter, where it taunts its opponents and promises more hacks.