"While our investigation is ongoing, we have not found any indication that other information was accessed, nor have we received any reports of unauthorized log-ins to member accounts," eHarmony spokeswoman Becky Teraoka wrote in a blog post. "We have also been working with law enforcement authorities in our investigation and have been in touch with one of the other companies affected as well."
The blog post doesn't give specific numbers on how many members were affected by the incident, but Teraoka wrote that it was a "small percentage of accounts." The company disabled the passwords of those accounts and sent an e-mail to affected members, advising them to change their passwords.
Last.fm, which also reported compromised passwords this week, took a similar route. The company's updated passwords have been secured with "a more rigorous method for user data storage," Last.fm's Matthew Hawn wrote today in a blog post. Last.fm has not responded to an e-mail from CNET asking for clarification of the method.
eHarmony's confirmation followed news of LinkedIn's security breach earlier on Wednesday. Some LinkedIn account passwords were on a list of 6.5 million passwords posted to a hacker forum. eHarmony passwords were believed to be on a separate list of 1.5 million passwords that was posted online. Last.fm chimed in the next day with its own concerns of a password leak.
It's still unclear how many users are affected and if other Web sites will issue warnings. Users who think they might have been affected should immediately change their passwords on those sites and any other sites they may have used the password for.