An Internet security research firm warned users of the potential damage that compromised passwords can bring.
LinkedIn users should change their passwords immediately to help prevent their accounts from falling into the wrong hands, an Internet security research firm has said.
Websense Security Labs warned users of the potential damage that compromised passwords can bring.
It said on its blog, "The most potentially damaging combination would be using the corresponding username in conjunction with the stolen password.
"With this combination, you can imagine how a hacker may access an individual's LinkedIn account.
"Once access to LinkedIn is obtained, or any social network for that matter, it could be possible to send direct messages to contacts within the network or to potentially auto-post on related social networks, thus harming the reputation of the individual or the business they may represent."
"Now that hackers have a long list of potential passwords used, brute force attacks could become easier to conduct as a result of having this intelligence."
According to reports, some 6.4 million user passwords have been posted on the Web.
Vicente Silveira, director of LinkedIn, confirmed that "some of the passwords that were compromised correspond to LinkedIn accounts".
He said on LinkedIn's official blog, "We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts: Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
"These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email.
"Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
"These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
He added, "It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases."