(Bloomberg News) LinkedIn Corp., owner of the world's biggest professional-networking Web site, said it's looking into unconfirmed reports of stolen passwords and urged users to embrace practices for guarding information.
The company is continuing an investigation and hasn't determined whether a security breach occurred, the Mountain View, California-based LinkedIn said on its Twitter Inc. micro- blogging site in the latest of a series of messages.
LinkedIn cites security issues as a risk for investors in regulatory filings. In a quarterly report to the U.S. Securities and Exchange Commission last month, LinkedIn said it has experienced website disruptions and outages for reasons that have included "denial of service or fraud or security attacks." Future disruptions were possible, according to the filing. Breaches demonstrate a need for U.S. legislation to help safeguard data, a member of Congress said.
"How many times is this going to happen before Congress finally wakes up and takes action?" said U.S. Representative Mary Bono Mack, a California Republican who heads a House Energy and Commerce subcommittee that has looked at online- privacy issues, in a statement. "This latest incident once again brings into sharp focus the need to pass data protection legislation."
LinkedIn sent its first Twitter message, or tweet, this morning telling users that it was looking into the issue and followed up at about 11:20 a.m. New York time, saying nothing was confirmed. A spokeswoman, Erin O'Harra, said LinkedIn would continue to update users on Twitter.
Password Tips
"While our investigation continues, we thought it would be a good idea to remind our members that one of the best ways to protect your privacy and security online is to craft a strong password," LinkedIn later said in a post.
LinkedIn advised users never to change passwords by following an e-mail link, as "those links might be compromised and redirect you to the wrong place." The company's website has a "Settings" page where changes can be made.
"In order for passwords to be effective, you should update your online account passwords every few months or at least once a quarter," the company said on Twitter, while listing tips on password creation.
While the company didn't mention any specific attacks in its regulatory filings, Reuters reported in May 2011 that the website had "security flaws" that made accounts vulnerable to hackers, citing a security researcher who identified the problem.