Social sharing site Buffer has been hacked, and it’s halting its service until it figures out what happened.

Buffer, which lets users space out their social media updates for maximum impact, officially reported the breach on Saturday afternoon.

“We greatly apologize for this big mess we’ve created. Buffer has been hacked,” the company wrote on its Facebook page Saturday.

It’s not yet clear how many of Buffer’s 1 million or so users were affected by the hack, though it’s likely that the app’s sizable userbase is what made it a target in the first place.

While Buffer maintains that user passwords are safe, hackers have used the exploit to spam user accounts on Facebook, Twitter, Google+, and other sites.

In order to put an end to the spam, Buffer recommends that users either change their account passwords or revoke Buffer access to their social media accounts.

There’s not much detail from Buffer on the hack, though as of the time of publishing, it doesn’t seem as if the Buffer team itself knows just yet.