The question-and-answer site informs users that "some" of their passwords "may have been breached" in a security intrusion.
Formspring suffered a security breach in which "some user passwords may have been breached," the question-and-answer site warned today.
Formspring, which said it only learned of the network intrusion this morning, said it responded by disabling all users' passwords.
"We apologize for the inconvenience but prefer to play it safe and have asked all members to reset their passwords," Formspring founder and CEO Ade Olonoh said in a company blog post. "Users will be prompted to change their passwords when they log back into Formspring. "
The post did not offer any estimates on actual numbers of passwords affected or indicate how or when the breach occurred. CNET has contacted Formspring for additional information and will update this report when we learn more.
The San Francisco-based startup, which launched its site in 2009, announced earlier this year that it had nearly 28 million users.
In the blog's comments section, many dissatisfied users expressed a desire to have their accounts deleted, but a company representative assured them that their passwords had all been "salted," a cryptography technique that makes it harder to uncover the actual password.
The blog went on to give users a tutorial in creating strong passwords -- a helpful reminder in the wake of more high-profile password thefts at LinkedIn, eHarmony, and Last.fm. Their user passwords were among approximately 8 million posted in two separate lists to hacker sites in early June. It appears that while they were hashed, they were not salted.
