Last.fm warns users of password leak

Last.fm today urged its users to change their passwords because of a compromise that may be related to a huge password leak involving LinkedIn and eHarmony.

"We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online," a Last.fm blog post said. "As a precautionary measure, we're asking all our users to change their passwords immediately."

The blog post did not say how many users were affected or how the passwords were leaked. A Last.fm executive did not immediately respond to an e-mail and a phone message seeking comment.

Last.fm users should log in to the site and change their passwords on the settings page. The music site said it will never e-mail a direct link to update settings or ask for passwords, so if users receive such e-mails they are spam.

Yesterday, LinkedIn and eHarmony came out with similar warnings about password compromises. But the statements lacked vital details. And there are likely to be more warnings as companies discover that users' passwords are among a huge list of 6.5 million and at least one other list that were posted to a Russian hacker site earlier this week.

In addition to changing passwords on the affected sites, people should change passwords on other sites if they used those same passwords there. More information on what to do if you think your passwords may have been compromised is here.

"We're sorry for the inconvenience around changing your password; Last.fm takes your privacy very seriously," the blog post said. "We'll be posting updates in our forums and via our Twitter account (@lastfm) as we get to the bottom of this."

CNET will provide updates as more information comes out.

Last.fm is owned by CBS, parent company of CNET.

Updated 10:55 a.m. PT with more background, details.