SAN FRANCISCO - Professional social network LinkedIn on Wednesday said it is investigating the reports that it had been hacked and lost around 6.5 million passwords.
"Our team is currently looking into reports of stolen passwords. Stay tuned for more," LinkedIn said in a tweet on Twitter.
Over the past three days, an unknown hacker has posted more than 8 million encrypted passwords on a Russian forum to request help cracking them.
Although LinkedIn has yet to confirm the attack, several security professionals said that 6.5 million hashed passwords belong to users of LinkedIn and another 1.5 million possibly belong to users of a popular dating site eHarmony.
"I can confirm this hack is real: the password I use for LinkedIn is in that list," said Robert Graham, chief executive officer of security consulting firm Errata Security, in a blog post.
Among the leaked passwords, around 300,000 are believed to have been cracked, according to technology news site The Next Web.
Security experts advised users to change their LinkedIn passwords as soon as possible.
"While our investigation continues, we thought it would be a good idea to remind our members that one of the best ways to protect your privacy and security online is to craft a strong password, to change it frequently (at least once a quarter or every few months) and to not use the same password on multiple sites," LinkedIn said in a latest post on its official blog.