Social networking site LinkedIn has said it is looking into reports that nearly 6.5 million passwords of its users have been leaked.
According to Zdnet, a user on a Russian forum claimed to have downloaded 6.46m encrypted passwords for the business-focused website.
The site tweeted on Wednesday it was looking into the reports.
Claus Villumsen, CTO of internet security company BullGuard told Huff Post UK hackers could use the passwords from LinkedIn to potentially log into email accounts which use the same password.
"Your password should always be treated like a toothbrush, never share it with anyone else and change it frequently. That's a good rule of thumb.
"The details at risk here in this case are emails, phone numbers and passwords. I'm pretty sure LinkedIn wouldn't store credit card information. What's worrying if using the same password you could potentially log in to anything else."
He warned data breaches were likely to become more common in the future.
LinkedIn, which boasts more than 150m users in over 200 countries is mostly used for business networking.
Orlando Scott-Cowley, a security expert at cloud email firm Mimecast said LinkedIn's reputation could be seriously damaged by the leak. "With many users seeing the site as an extension of their business communications, rather than as a personal tool, employers need to be aware about the possible threat to corporate data that a LinkedIn breach could represent."
Rob Rachwald, Director of Security Strategy at Imperva told The Huffington Post UK companies needed to enforce "strong password policies": "Every password study leads to one basic conclusion: you can't trust consumers to make the right choice. This means companies developing applications need to enforce strong password policies while implementing sophisticated encryption to prevent continued breaches."
A LinkedIn spokesperson said: "LinkedIn is investigating this as a matter of urgency."
They added: "Our team is continuing to investigate, but at this time, we're still unable to confirm that any security breach has occurred."
Users of the site have tweeted they are changing their passwords in light of the reports.
The Next Web