The company said on its official blog that it believed that the attackers were attempting to access the accounts using credentials that had been obtained from a breach of another company's user database.