First LinkedIn, then eHarmony, and now possibly Last.fm. As the number of sites falling victim to password hackers continues to grow, the questions are flooding in: are these incidents all connected? And, perhaps more importantly, who’s next?

On Thursday, the CBS-owned, London-headquartered music site told users that it was investigating a potential password leak — and that while evidence of what had been published and how it may have been obtained was not entirely clear, it wanted to take the precaution of getting users to change their details.

Here’s the announcement:

The company has not made any other public statement, but it’s clearly extremely concerned about the possibility of passwords being leaked in the wake of the other breaches — which saw more than 14 million passwords from LinkedIn and eHarmony appear online.

Right now the extent of Last.fm’s breach is not clear, but warning all users to change their security details is not something that any web service takes lightly, given the potential damage to the site’s reputation.

All three incidents appear to be linked to a single web forum, frequented by cryptographers and fraudsters, where password hashes are often posted and decrypted. As Ars Technica reports, the LinkedIn and eHarmony breaches are linked to a hacker known only as “dwdm” — a Russian-speaking individual who has been dumping data on passwords for some time.

There appear to have been a series of dumps over recent days, although the posts have now been removed from the site in question and the original seem to have disappeared from Yandex Disk (the equivalent of Google Drive, where dwdm was storing data).

More to come, surely.

Photograph copyright Shutterstock / Tatiana Popova

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• GigaOM Euro 20: the European startups to watch
• Controversy, courtrooms and the cloud in Q1
• Monetizing music in the post-scarcity age