LinkedIn Corp., owner of the world’s biggest professional-networking website, confirmed reports that some user passwords were compromised in a security breach.
The Mountain View, California-based company apologized to customers in a blog post and said that members will know if their accounts were affected because their passwords will no longer be valid.
“We take the security of our members very seriously,” the company said. The service has more than 160 million users.
LinkedIn said on its Twitter Inc. micro-blogging site earlier today that it was investigating reports of stolen passwords. The company cites security issues as a risk for investors in regulatory filings, and disclosed as recently as last month that it has experienced website disruptions and outages for reasons including “denial of service or fraud or security attacks.”
Future disruptions were possible, according to the May 7 filing. Breaches demonstrate a need for U.S. legislation to help safeguard data, a member of Congress said.
“How many times is this going to happen before Congress finally wakes up and takes action?” U.S. Representative Mary Bono Mack, a California Republican who heads a House Energy and Commerce subcommittee that has looked at online-privacy issues, said in a statement. “This latest incident once again brings into sharp focus the need to pass data protection legislation.”
LinkedIn sent its first Twitter message, or tweet, this morning telling users that it was looking into the issue and followed up at about 11:20 a.m. New York time, saying nothing was confirmed. A spokeswoman, Erin O’Harra, said LinkedIn would continue to update users on Twitter.
LinkedIn advised users never to change passwords by following an e-mail link, as “those links might be compromised and redirect you to the wrong place.” The company’s website has a “Settings” page where changes can be made.
“In order for passwords to be effective, you should update your online account passwords every few months or at least once a quarter,” the company said on Twitter, while listing tips on password creation.
While the company didn’t mention any specific attacks in its regulatory filings, Reuters reported in May 2011 that the website had “security flaws” that made accounts vulnerable to hackers, citing a security researcher who identified the problem.
LinkedIn rose less than 1 percent to $93.08 at the close in New York, after earlier falling as much as 1.5 percent. The stock has more than doubled since the company’s initial public offering in May 2011.