An unnamed representative for the site hasn’t said how many passwords, or even what percentage of the userbase is affected but has requested that users update their passwords right away:
We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately.
Which would indicate they don’t plan to reset the passwords themselves as eHarmony reportedly didshortly after discovering their breach; LinkedIn also apologized for the inconvenience.
As with other sites, Last.fm has also advised that the new password is different to the password used on other services and recommended this link to create a newer, stronger, and better password.
It would appear that this is an attack by the same person, or group and we can probably expect more high level breaches of security unless these companies act now to protect customer data.