Russian hackers leaked 6.5 million passwords from the business networking site LinkedIn this week, prompting the site to deactivate accounts to protect users.
The passwords were posted Monday to a Russian forum, Insidepro.com, a website specializing in recovering passwords from an outdated format used to store encoded passwords in a database, RIA-Novosti reported.
LinkedIn confirmed the password leak with comments in an official blog post late Wednesday, but didn't say how the hackers got access to them.
The passwords were posted in a simple cryptographic code, suggesting the networking site had been using outdated security precautions, CNNMoney reported. The format is considered to offer weak security protection if not supplemented with additional protections.
Half of the passwords have already been decoded and posted online.
Users of one hacker forum reported finding passwords including "linkedout," "recruiter," "googlerecruiter," "toprecruiter," "superrecruiter," "humanresources" and "hiring," CNNMoney said.
The extent of the damage was not immediately clear, and it was unknown whether or not the hackers knew the user accounts associated with the passwords.
LinkedIn says it is investigating the breach. The company said affected accounts would be deactivated, and users would receive emails with instructions on how to restore the accounts.