LinkedIn Corp. did not say how many of the stolen passwords that were leaked online corresponded to LinkedIn accounts. In a blog post Wednesday, the company said it was continuing to investigate.
The security breach was first confirmed by U.K. Web security company Sophos. The company said a file posted online contains LinkedIn passwords' "hashes," which is a way of encrypting or storing passwords in a different form.
A Sophos consultant recommended that LinkedIn users change their passwords immediately.
LinkedIn has a lot of information on its more than 160 million members. Sensitive material includes potentially confidential information related to jobs being sought. Companies, recruiting services and others have accounts alongside individuals who post resumes and other professional information.
Also, there's the added concern that many people use the same passwords for more than one platform, so whoever stole the data could use the information to access Gmail, Amazon, PayPal and other accounts.
Before confirming the breach, LinkedIn issued security tips in a blog post Wednesday. The company said users should change passwords at least every few months and avoid using the same ones on multiple sites.
The social networking site also provided suggestions to make passwords stronger, including avoiding passwords that match words in a dictionary.
It remains unknown who was behind the reported attack.
The Associated Press contributed to this report.