Australian Government departments, universities and schools appear to have been caught up in the actions of the notorious LulzSec hacker group.

The group, which took down the CIA website yesterday, has leaked 62,000 worldwide email addresses and passwords.

Some include AusAid, Victorian Government departments and local councils in Victoria and New South Wales.

Passwords for email accounts within eight universities, including the Australian National University, the University of New South Wales and the University of Queensland, were also leaked, along with the log-ins for two high schools in Queensland and Melbourne.

"These are random assortments from a collection," LulzSec says in the file containing the data.

"So don't ask which site they're from or how old they are, because we have no idea.

"We also can't confirm what percentage still work, but be creative or something. Enjoy, and remember: Lulz Security always delivers."

The group says its actions aim to bring some fun to the "drabness of the cyber community".

But Mark Hachmann from PC Magazine says the leaked data constitutes a serious security breach.

"It's not quite clear whether those user names and passwords were affiliated with any particular group of users," he said.

"That person's account could be used in what's called a phishing attempt to try and socially engineer user names and passwords out of other accounts or information that could be used for malicious purposes.

"It's unclear how they obtained this information. Obviously they're somewhat serious."

In a Twitter post, LulzSec claimed 2,000 people had downloaded the leaked files so far.

"Releasing 62,000 possible account combinations is the loot for creative minds to scour; think of it like digging a very unique mineshaft," the group tweeted.

"Last time we did this, one of you hijacked the account of some dude who was secretly cheating on his partner. That's pure gold, nicely done."

Australians have been urged to change their account passwords in case their details were among those leaked.

Yesterday's LulzSec attack on the CIA website was not technically a hack, but rather a distributed denial-of-service attack, which bombards a site with requests so that it malfunctions.