The social networking site LinkedIn said Wednesday it is looking into reports that 6.5 million user passwords have been leaked.
"Our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred," the company said on its Twitter feed.
The breach was first reported by the Norweigan IT website Dagens IT, claiming that 6.5 million encrypted passwords had been posted to a Russian hacker site, according to The Next Web.
Security experts warned Wednesday that LinkedIn users should change their passwords immediately to avoid potential scams from hackers.
"First change your LinkedIn password. Then prepare for scam emails about Linkedin password changes, linking to phishing sites. Will happen," Mikko Hyponen, a security expert at F-Secure, wrote on Twitter.
This story is developing. Check back for updates.
UPDATE: In a blog post Wednesday afternoon, LinkedIn confirmed that some passwords leaked online were connected to LinkedIn accounts.
Vicente Silveira, director at LinkedIn, said the compromised passwords will no longer be valid and LinkedIn members will receive emails from the company instructing them on how to reset their passwords. The emails will not contain links, Silveira said.
"For security reasons, you should never change your password on any website by following a link in an email," he said.
Silveira added that the company has also taken measures to enhance the security of its password databases. He said the company was still investigating the breach.
"We sincerely apologize for the inconvenience this has caused our members," Silveira said.
LinkedIn, which is designed for online business networking, claims to have more than 161 million members in over 200 countries and territories.
Security experts said Wednesday that the breach was a reminder for Internet users to use complex, unique passwords for various accounts.