Lawmakers expressed concern on Wednesday about reports that hackers had stolen millions of passwords to social-networking site LinkedIn.
LinkedIn acknowledged on Wednesday that hackers stole the passwords of some of its users. The company said it will disable the passwords of the affected users and instruct them to create new passwords.
Sen. Patrick LeahyPatrick LeahyHollywood, DC come together for First Amendment-themed VIP party The Hill's 12:30 Report Lawmakers talk climate for Earth Day, Science March MORE (D-Vt.) and Rep. Mary Bono Mack (R-Calif.) said the incident shows the need for Congress to pass data-security legislation. The two lawmakers have sponsored separate bills on the issue.
Bono Mack said she is "still trying to get additional information," but the incident "once again brings into sharp focus the urgent need for Congress to pass data protection legislation."
"Nothing threatens e-commerce more than a lack of consumer confidence, and today a lot of people are becoming very antsy about providing their personal information online,” she said in a statement.
Both bills would create a national requirement for firms to notify their customers in the event of a data breach.
The Senate is currently considering a broader cybersecurity bill, and it is possible that lawmakers could add the data breach provisions to it.
The LinkedIn news broke after two security firms told The Wall Street Journal they were able to verify that hackers had obtained the passwords to 6.5 million LinkedIn accounts, or about 4 percent of the site's users.
LinkedIn said it has implemented new security measures to protect its users' personal information.
"We sincerely apologize for the inconvenience this has caused our members," Vicente Silveira, an engineering director for LinkedIn, wrote in a blog post. "We take the security of our members very seriously."
Silveira said the company is continuing to investigate how the breach occurred.
— This story was updated at 5:25 p.m. with confirmation from LinkedIn of the security breach.