Bitly link-shortening service compromised
Bitly have announced that they believe their users accounts, including users’ email addresses, encrypted passwords, API keys and OAuth tokens, have been compromised.
Bitly says “We have no indication at this time that any accounts have been accessed without permission... For our users' protection, we have taken proactive steps to ensure the security of all accounts, including disconnecting all users' Facebook and Twitter accounts.”.
They have also recommend that users take the following actions as soon as possible:
- Reset their Bitly password;
- Disconnect and reconnect any Twitter or Facebook accounts from the Bitly settings area, including any connected third party applications;
- Reset their Bitly API key from within the advanced settings area. If you are a developer using your API key, copy the new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
Bitly's chief executive Mark Josephson wrote: "The team has been working hard to ensure all accounts are secure."
He has published a blog post outlining steps the above and what other steps users were advised to take.