By Melony Roy

PHILADELPHIA (CBS) — One of the world’s most popular websites fell victim to an attack four years ago — but the true extent of the damage is only now just coming to light. LinkedIn has admitted that tens of millions more accounts than first thought may have been compromised.

In 2012, LinkedIn suffered a massive data breach.

READ MORE: SEPTA Union Unanimously Approves Strike If Deal Isn't Reached

Nearly 7-million usernames and passwords were originally thought to have been stolen in the hack. The number now is over 100-million — a quarter of the professional networking site’s membership.

LinkedIn says it’s “taking immediate steps to invalidate the passwords of the accounts impacted” and they pledge to “contact those members to reset their passwords.”

READ MORE: Double Shooting In Eastwick Kills 25-Year-Old Man, Wounds Pregnant Woman: Police

The Motherboard website was able to confirm several victims from the data grab up for sale on the dark web for a little over $2000. LeakedSource, a search engine for hacked info, reported it was able to crack nearly all the stolen encrypted passwords in just a few days.

It’s not clear why the criminals would sit on this data for so long.

MORE NEWS: 'I Want To Go To Class': Philadelphia Students, Parents On Edge As Possible SEPTA Strike Could Force Virtual Learning

To stay protected, LinkedIn says users should update their passwords and implement two-factor authentication — a feature that sends a security code to a users phone upon login.