On Monday, AOL urged all of its millions of email account holders to change their passwords following a data breach as reported by the Wall Street Journal. Users are strongly encouraged to also change their security questions. The company is investigating a security incident involving unauthorized access to a significant number of user accounts.

The compromised information included email addresses, encrypted passwords, answers to security questions, postal addresses and address book information. So far there has been no indication that the encryption on the passwords or security questions was broken, said AOL. The company also said that at this point, there has been no reason to suspect that users’ financial information was accessed during the breach.

The company said that they began an investigation after noticing a large increase in the number of spam emails appearing as "spoofed emails" from AOL addresses. "Spoofed" messages don't originate from a sender's email account or the service provider, the company said.

AOL stated that it started a probe after it noticed a big jump in the number of spam emails appearing as "spoofed emails" from AOL addresses. "Spoofed" messages don't originate from a sender's email account or the service provider, the company said. Instead, the addresses are edited to make emails appear that they have been sent from legitimate accounts, and are meant to trick recipients into opening the messages.

AOL stated, "We are working closely with federal authorities to pursue this investigation to its resolution," and also added, "Our security team has put enhanced protective measures in place and we urge our users to take proactive steps to help ensure the security of their accounts."

The initial report of the attack affecting AOL users was reported last week, but the breach is suspected to be larger than originally thought.