A third party accessed a set of Tumblr user email addresses with salted and hashed passwords, the Yahoo-owned microblogging site said Thursday.
The credentials are from early 2013, prior to Tumblr's acquisition by Yahoo, officials said in a May 12 blog post.
The site's security team investigated the matter as soon as it became aware of the incident.
“Our analysis gives us no reason to believe that this information was used to access Tumblr accounts,” the blog said.
Officials said in the blog that those affected will be required to set a new password as a precaution. Users are instructed to visit the sites security page for more information on how to keep their accounts secure.