Online learning platform Lynda.com has begun notifying its 9.5 million users that it recently experienced unauthorised third party access to a database that contains contact information of account holders, their learning data, and courses viewed.
The LinkedIn subsidiary -- and now Microsoft subsidiary -- said there was no evidence the breach included the leak of passwords in the compromised data, but a spokesperson for LinkedIn told ZDNet it has reset the passwords for approximately 55,000 Lynda.com users as a precautionary measure.
While the spokesperson said there is no evidence that any of the data has been made publicly available, the social media site has "taken additional steps to secure Lynda.com accounts".
"We are informing you of this issue out of an abundance of caution," Lynda.com said. "While we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure."
Lynda.com is a subscription-based online learning portal where members can focus on a range of business and technology skill sets.
LinkedIn bought Lynda.com in April last year in a cash and stock deal valued at approximately $1.5 billion.
Microsoft acquired LinkedIn in June in an all-cash transaction worth $26.2 billion.
At the time, it was said the purchase slotted in nicely with Microsoft's increasing push to focus on business customers.
In September, LinkedIn announced the availability of LinkedIn Learning, which combines Microsoft's resources with Lynda.com's content and LinkedIn's vast trove of professional and networking data.
After Microsoft acquired LinkedIn, LinkedIn CEO Jeff Weiner said that six of the top 25 most popular Lynda.com courses are related to Microsoft products.
The Lynda.com breach comes days after Yahoo disclosed that more than 1 billion accounts may have been stolen from company systems in another cyber attack.
Yahoo said in a statement last week that attackers stole the accounts in August 2013, a year prior to a previously disclosed attack in September 2014 when attackers stole around 500 million accounts.