Bitly Suffers Data Breach, Account Credentials Compromised

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

According to an announcement made by Mark Josephson, the company’s CEO, Bitly has “reason to believe” that user  account credentials have been compromised.

“For our users’ protection, we have taken proactive steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts,” Josephson noted in a blog post.

There’s no evidence that accounts have been accessed, but credentials within Facebook and Twitter have been invalidated. While social media accounts may appear connected to Bitly accounts, users must reconnect them before they can publish anything.

In addition to reconnecting their social media accounts, users are also advised to change their passwords, API keys and OAuth tokens.

Passwords can be reset from the “Profile” tab in the “Your Settings” menu. API keys can be changed from the “Advanced” tab by selecting the “Reset” option next to “Legacy API key.” The new key must be copied and changed in all applications, including mobile apps, share buttons and social publishers.

The company has taken steps to make sure the security holes that led to the breach have been addressed.

For the time being, Bitly hasn’t provided any details regarding when the breach occurred or who might be behind the attack.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply