Social networking site Formspring says it has been hacked and the company disabled the passwords of nearly 30 million registered users as a precaution after hundreds of thousands of them leaked to the Web.
Formspring said in a blog post that the breach happened after an intruder broke into one of the San Francisco-based company's servers and made off with about 420,000 encrypted passwords, which were later posted to a security forum.
Although encrypted passwords aren't immediately useable, they can sometimes be decoded by a savvy attacker.
Formspring founder Ade Olonoh said in a blog post that the company had fixed the vulnerability and upgraded its encryption.
Olonoh said Tuesday that the company wanted to "play it safe" and had asked all users to reset their passwords.