A hacker has netted more than 2 million passwords for users of major services including Facebook, Gmail, Twitter, Yahoo, and LinkedIn, according to the security firm Trustwave..

The attacker installed keylogging software on users’ computers in 92 countries, recording their logins and user passwords as they were typed.

The companies themselves were not breached, but ADP, Facebook, LinkedIn, and Twitter have reset passwords and alerted compromised users, CNNMoney reports.

This attack got around 1.5 million website login credentials, 320,000 email account credentials, 41,000 FTP credentials, 3,000 remote desktop credentials, and more.

Unfortunately, if you look at the passwords hacked, it shows a keylogger may have been overkill. Trustwave reports that the most common passwords were “123456,” “123456789,” “1234,” and “password.”

Is any password safe nowadays?