Hackers may know what courses you took on Microsoft's online learning site.
Hackers accessed a database containing information on 9.5 million accounts—such as customer’s names, email addresses, and courses viewed—the company said in a statement on Saturday, first reported by the tech blog VentureBeat. “We are informing you of this issue out of an abundance of caution,” the note said.
The targeted database also included about 55,000 account passwords, a LinkedIn spokesperson told Fortune. These credentials were “cryptographically salted hashed,” the spokesperson said, referring to a pair of security measures that render stored data harder to decipher.
Get Data Sheet, Fortune’s daily technology newsletter.
The LinkedIn spokesperson clarified in a follow-up note that the company’s information security team used the “PBKDFv2” algorithm to hash the passwords. (Some hashing algorithms, like “bcrypt,” an industry standard, are considered superior to others, like “MD5,” a more easily crackable predecessor.)In response to Fortune’s inquiry about the time of the attack as well as its discovery, the spokesperson merely said, “This is a recent issue which we took immediate action to mitigate.”
Lynda.com said it is notifying victims of the theft. “We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts,” the LinkedIn spokesperson said in a statement provided to Fortune.
For more on data breaches, watch:
LinkedIn, the professional social networking site, purchased Lynda.com for $1.5 billion last year. Microsoft later announced its intention to acquire LinkedIn for $26.2 billion in June, a deal which closed this month.
Earlier this year, it came to light that a data breach LinkedIn suffered in 2012 was far more extensive than previously thought. The attack, which happened prior to LinkedIn’s acquisition of Lynda.com, compromised the hashed passwords of 167 million accounts, as opposed to the originally reported 6.5 million.
Last week, Yahoo revealed that it had suffered the largest known data breach on record. The company said that hackers had stolen personal data—names, emails, telephone numbers, hashed passwords, and security questions—for more than 1 billion accounts.
Update 12/19/16: This post has been updated to include additional information provided by LinkedIn, including the identity of the algorithm used to hash the leaked passwords.