The hackers continue to steal user data and this time it has affected almost a million accounts spread across various websites including Facebook, Twitter, Yahoo and others.

Data security has become a major concern over the past few months, with users being vulnerable at the hands of hackers and the NSA. Despite the rising concern, several accounts and websites are hacked regularly for destructive reasons. Chicago-based cyber-security firm Trustwave found shocking evidence of almost 2 million passwords being stolen under the nose since October 21. The hackers had been collecting this enormous data from well-known websites including Facebook, Google, Yahoo, Twitter, and several others around the globe.

Hackers started collecting the data by infecting several thousand personal computers and by setting up keylogging software that sent stolen information through a proxy server to the hackers. This makes it impossible to trace the infected computers, but the data security team tracked the data, which led to a server in the Netherlands. Hackers had gathered login credentials from more than 93,000 websites.

According to Trustwave's data, hackers had gained access to 318,000 passwords from Facebook, 60,000 from Yahoo, 70,000 from Google, 22,000 from Twitter and 8,000 from LinkedIn. In addition, 9,000 passwords from Odnoklassniki, a Russian social network and 8,000 from ADP Payroll services were hacked. According to Trustwave, Facebook credentials may be a "nice catch" but payroll services "could actually have direct financial repercussions."

Trustwave notified all the companies affected by the attack and posted the findings online, Tuesday.

"We don't have evidence they logged into these accounts, but they probably did," John Miller, a security research manager at Trustwave, told CNN.

Although the hacking process started in October, CNN reports that the process is still ongoing. Miller said that the company tracked the Netherlands server but other servers remain anonymous.

Trustwave advises that all users have their internet security software up-to-date along with their browsers, Adobe and Java. Also using unique passwords can be helpful considering the agency found most users had their passwords set as 123456, 123456789, 1234 and 12345.