The passwords and login credentials of 47 U.S. federal agencies have reportedly been leaked online. The NSA and departments of Defense, Energy and Treasury are among the agencies affected and now potentially at risk of cyberattack. A CIA-backed data-mining startup called Recorded Future discovered the data breach. “Two-factor authentication is an option offered by various online services, including Facebook, Gmail and PayPal, to heighten individual security and provide a second layer of defense,” reports ZDNet. “However, as of early 2015, 12 of the U.S. agencies — including the Departments of State and Energy — which have lost credentials online do not stipulate the use of two-factor authentication when users access their systems.”