The Inquirer-Home

Bitly issues urgent security update warning users of data breach

Advises users to change passwords, API keys and Oauth tokens
Fri May 09 2014, 10:53
Security threats - password theft

LINK SHORTENING SERVICE Bitly warned that its users' credentials have likely been compromised on Thursday, and issued an urgent security update.

Bitly said in a blog post that its URL shortening service has likely been hacked, advising users that it is taking "proactive steps" to ensure that user accounts are kept secure.

Bitly CEO Mark Josephson said, "We have reason to believe that Bitly account credentials have been compromised. We have no indication at this time that any accounts have been accessed without permission.

"For our users' protection, we have taken proactive steps to ensure the security of all accounts."

Josephson advises users that, while it seems no sensitive details have been pinched, to change their passwords, API keys and Oauth tokens. Bitly provides instructions on how to do this on its website.

Users with Facebook and Twitter accounts linked to Bitly will have to reconnect, too, Josephson warned, with the service invalidating all credentials due to the apparent attack.

"We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles.

"We take your security and trust in us seriously. The team has been working hard to ensure all accounts are secure. We apologise for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates," Josephson added.

Bitly has yet to release any further details about the breach. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Dead electronic devices to be banned on US-bound flights

Will the new rules banning uncharged devices be effective?