Two million log-ins and passwords from services such as Facebook, Google and Twitter have been found on a Netherlands-based server, part of a large botnet using controller software nicknamed "Pony."
Another company whose users' log-in credentials showed up on the server was ADP, which specializes in payroll and human resources software,
wrote Daniel Chechik, a security researcher with Trustwave's SpiderLabs.
