Adobe officials are investigating the breach of an online user forum related to its Connect conferencing software following a report that 230 names, e-mail addresses, and cryptographically hashed passwords were leaked online.

"At this point of our investigation, it appears that the Connectusers.com forum site was compromised by an unauthorized third party," Adobe's Guillaume Privat wrote in a blog post published on Wednesday. "It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted."

Adobe officials took the forum offline on Tuesday evening and are in the process of resetting passwords. Forum members will receive instructions for restoring their accounts once the forum is operational again.

Adobe's advisory came a few hours after IDG News reported that a self-proclaimed Egyptian hacker posted the names, e-mail addresses, and hashed passwords of 230 accounts stolen from an Adobe database. All of the exposed addresses reportedly ended in "adobe.com," ".mil," or ".gov." The hacker claimed the database contained more than 150,000 records in all.

The passwords, according to IDG, were hashed using the MD5 algorithm, which has proved to be a boon to password crackers because of the algorithm's speed and modest computational requirements. Competing functions such as bcrypt and PBKDF2, by contrast, are much more suitable for securely storing passwords because they can take orders of magnitude more time and resources to generate hashes. That creates hurdles that can significantly slow down the cracking of large numbers of hashes.

It's unclear if the 230 records that were released constitute all the personal information obtained in the breach or if the hackers have more. Because a statistically significant percentage of people use the same password for multiple sites, a large data leak could have ripple effects that compromise user accounts on a wide variety of other sites. Adobe apologized for the inconvenience the breach caused users.

Adobe's advisory didn't say if the restored service will continue to rely on MD5. In an e-mail, company spokeswoman Wiebke Lips said engineers are in the process of overhauling their password scheme to incorporate a "best practice approach that leverages the SHA 256 hash algorithm in combination with password salts and a large number of hash iterations."

Post updated to add last sentence.