Bit.ly, the URL shortening service, which shortens more than one billion links per month, has suffered a data breach or possibly hacked. Bitly has urged all its users to reset their passwords amid a security breach that happened few days back.
A post on Bilty’s official blog by CEO Mark Josephson says,
“We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens. We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts”.
Bitly disconnected social accounts
Bitly assured that as a precautionary measure it disconnected its users Facebook and Twitter accounts which were synced to Bitly accounts.
“We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles”, said the CEO.
The company said that it has taken proactive measure to secure all paths that led to the compromise and ensure the security of all user data going forward.
Bitly also suggested some important steps to be taken for protecting security breach.
- Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.
- At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’
- Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
- Go to the ‘Profile’ tab and reset your password.
- Disconnect and reconnect any applications that use Bitly.
You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings’.
Besides coming up with a warning in their blog post, Bitly also updated its users about this security breach through Twitter.
We appreciate that team Bitly is trying hard to put this important news across its users, in case you missed it, it’s time to get your password changed.