Records from over 30 databases have been stolen, with each containing up to 3.5 billion passwords, say cybersecurity researchers