The online travel community TripAdvisor today informed its members that an unspecified portion of the TripAdvisor email list of its membership was stolen by an attack on a vulnerability in its system.

The result is that TripAdvisor members should be aware they may receive some type of spam, the company said, adding that the incident is still under investigation.

The notification to TripAdvisor members went out in an email from co-founder and CEO Steve Kaufer, who wrote, "We're taking this incident very seriously and are actively pursuing the matter with law enforcement. The reason we are going directly to you with this news is that we think it's the right thing to do."

TripAdvisor declined to provide further detail about the number of members involved, but said it has fixed the "source of the vulnerability and shut it down." The company noted it doesn't collect credit card or financial information, and does not sell or rent its member list. The company also believes that despite the data-breach incident, member passwords "remain secure."