Instead of using a private email address to gain access to the bowels of the Internet, some members of the U.S. military apparently used their work accounts.

Three us.army.mil email addresses are associated with accounts on a sexual fetish forum, according to the security expert who revealed the breach this week. Email addresses belonging to the Polish military and Brazilian government are also implicated.

The breach of RoseButtBoard.com, a site dedicated to “extreme anal dilation and anal fisting,” is attributed to a gaping security hole caused by outdated software, which allowed a hacker to access account information on more than 100,000 users.

Vice News first reported the hack on Tuesday, after Australia-based web security expert Troy Hunt took steps to verify the authenticity of records for 107,303 accounts.

Hunt provided to U.S. News information about the .gov or .mil accounts involved, six in total, but did not provide the specific addresses, saying he personally avoids looking at individual account information for privacy reasons.

The U.S. Army indicated in a statement that using military email to register for a fisting forum would be improper. Federal communications systems including email “can be used for official and authorized purposes only,” the statement says.

The guidelines are laid out in Army Regulation 25-2, which bans personal use of government resources involving "pornography or obscene material,” as well as “transmission of chain letters” and online gambling.

“Online misconduct is inconsistent with these regulations and policies, and with the values Army professionals are obligated to uphold," the Army says. "The Army remains committed to ensuring all of our personnel use government communication systems appropriately, and to preventing and addressing actions inconsistent with these policies."

The number of government email addresses is significantly smaller than the roughly 15,000 Ashley Madison accounts registered to an address ending in .mil or .gov. That hack last year exposed an enormous number of people looking to have an affair, including “traditional marriage” campaigner Josh Duggar.

Hunt says affected email addresses belong to subscribers of haveibeenpwned.com, a site he maintains that allows people to see if they are affected by hacks. The addresses won’t be publicly searchable on that site, but can be checked by the verified owner of an email address -- a treatment given to Ashley Madison records and those from a handful of other hacked sites, including Adult Friend Finder and Naughty America.

Ironically, Hunt says curious people could learn if an email address is registered to an account on the fetish site by entering it with the forum’s password reset function.

The leaked account information includes usernames, email addresses, IP addresses and passwords.

“The data was sent to me by someone who trades in data breaches,” says Hunt, who authors web security courses and has repeatedly been recognized by Microsoft for his industry contributions. “This is often the way; data is hacked from systems then shared within select groups of people until someone eventually then sends it to me, too.”

RELATED CONTENT Hacker Says He Easily Accessed Hillary Clinton's Private Email Server

An email seeking comment from the fetish forum’s administrator did receive a response. Most of the site’s discussion board are inaccessible to non-members.

Without a review of the site content it’s unclear if the average forum user risks any legal consequences, though members of the military are not free to do what they please in their personal lives. Military law, for example, still criminalizes adultery.