- Small Business Trends - http://smallbiztrends.com -

Bitly Has Been Compromised, Change Your Password

bitly has been compromised

Bitly, the popular url shortening tool, announced to users recently the company has reason to believe it has been compromised.

In a post on the official Bitly Blog [1], CEO Mark Josephson says the company has no indication any user accounts have been accessed. But the company is taking no chances.

Bitly [2], a popular choice for Twitter and Facebook users, says it has disconnected all Facebook and Twitter accounts. The company says it has also invalidated all Bitly user credentials on both sites.

Social media users often use Bitly to create shortened urls useful when there isn’t room to include an entire website address, as on Twitter.

Josephson suggests all users change their passwords before reconnecting their social media accounts and reusing the site.

Josephson says the company believes email addresses and encrypted passwords have been compromised. But so have API keys used to interface with Bitly for use in social media publishing, share buttons and mobile apps. The company says authentication tokens containing password and other information so that users do not need to sign in every time they want to use Bitly are probably also compromised. Josephson explains:

“We are recommending all Bitly users make these changes. Please take the following steps to secure your account: Change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts.”

In step by step instructions to reset API keys and authentication tokens on the site, Josephson recommends:

The Bitly staff also encourage users to contact them with any specific questions about individual accounts at [email protected]

Image: Bitly