The data that you can search through in this website is collected from honeypots being run in the Internet. Connections via SSH and Telnet leave their used credentials in a log that is correlated and extracted for use on this website.
We are Borg
Typically, it will not be a person trying to log in but rather a machine; in botnet basics, the machine connecting to the honeypot is attempting to add the honeypot host to the botnet. Think of the quite famous Mirai Botnet with 60-or-so credentials that are being leveraged to assimilate more hosts.
What came first, of course, is the Tyranny of the Default (Credentials) and not the Mirai botnet; the botnet exists because these credentials are widely left in place on Internet-exposed hosts.
The OpenCanary Experience
The OpenCanary Experience (TOCE) gives some background on the honeypots and dives into some of the discoveries those deployments are making.