Users of Formspring, a social question and answer website popular among young teenagers, today learned their passwords were disabled by site administrators following a security breach.
An email sent by the Formspring team stated that passwords were disabled "for security reasons" and needed to be reset when users next logged in.
"We learned this morning that we had a security breach where some users passwords may have been accessed," wrote CEO Ade Olonoh on the site's official blog, adding that all user passwords had been disabled.
"We apologise for the inconvenience but prefer to play it safe and have asked all members to reset their passwords," he wrote. Olonoh did not provide details as to the nature of the breach or how many passwords had been directly affected, only listing recommended guidelines for users to create strong new passwords.
Tech website CNet reported that Formspring was made aware of the breach "by someone who spotted about 420,000 passwords posted to a security forum that appeared to come from Formspring".
Users have expressed concerns about the security of their information in comments posted to the blog, with some threatening to close their accounts. According to responses posted by Formspring staff, user passwords had been salted and hashed, a cryptography process used to enhance security. One response stated that the site has now upgraded to using the hash function BCrypt.
According to reports, Formspring has attracted 28 million users since it started in 2009. Over 4 billion answers have been published by users in response to questions from other 'Formspringers'.
Are you happy with the Facebook News Feed redesign?Related story: Facebook shakes up News Feed