More than 40,000 users victims of phishing attacks had their credentials for unlocking online accounts for government services stolen. The information might have already been sold on underground hacker forums. Hackers were able to grab the username/password pairs via malicious emails distributed well-known spyware tools like Pony Formgrabber, AZORult, and Qbot (Qakbot) Creds for websites of Italian Ministry of Defense (difesa.it) were also compromised. Most of the victims are from Italy (52%) followed by Saudi Arabia (22%) and Portugal (5%)
Source: https://www.bleepingcomputer.com/news/security/hackers-steal-over-40k-logins-for-gov-services-in-30-countries/