Australian online marketplace Freelancer has found credentials matching those of its users on third-party websites.
"Recently while cross checking public dumps of third party credential leaks from sites like Adobe, Linkedin, and Elance (and many more), we observed users that appear to have credentials in common with those dumps and thus took measures to protect our users affected," Nicholas de Jong, VP Security and Operations at Freelancer, told ZDNet.
The company sent out an email to users of its service on Friday, informing them it performed a password reset on their behalf as a precautionary security measure.
"We are writing to let you know that we have reset your Freelancer.com password because we have detected login credentials that match yours in a publicly accessible database related to a compromise of third-party website," the email cited by ZDNet reads.
The Australian Securities Exchange (ASX)-listed company reiterated to users the compromise of usernames and passwords did not occur through any Freelancer.com operated web property, but urged users to reset their password to something unique.
"As good security practice we proactively look out for users that may be at risk," de Jong added.
"We have referred these users to haveibeenpwned.com since it is an excellent resource for people to discover for themselves where they may have been exposed."
De Jong said people often have far too many passwords to remember and as a result they tend to take shortcuts by using the same password everywhere, which he said leads to situations such as this one.
"Consider using a password manager, use a different password everywhere," he explained.
For the 2016 financial year, Freelancer reported record revenue of AU$52.7 million, up 37 percent from the AU$38.6 million reported in FY15. This marked the highest revenue growth in US constant currency since the company began trading on the ASX in 2013.