Server configuration data for social-blogging service Tumblr was exposed on Saturday due to human error, the company has said.
Tumblr said its technicians took immediate action in response to the breach.
"We're triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised," Tumblr wrote in a blog post on Saturday afternoon. "We're certain that none of your personal information (passwords, etc) was exposed, and your blog is backed up and safe as always."
"The fact that this occurred at all is still unacceptable, and we'll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again," Tumblr wrote.
The source of the security flaw appears to be a missed opening PHP tag, according to code, allegedly from Tumblr that was posted to Hacker News on Saturday. The code contained server information and passwords for other social services such as Facebook and Twitter.