Digital Bounds Logo

Bitly Warns of Possible Security Breach

If you still use Bitly to shorten and track your links analytics then you should change your passwords across the internet.  The users’ email addresses, encrypted passwords, API keys and OAuth tokens have all been compromised in this security breach. The company says it has done all necessary steps to secure the account information and service, which includes disconnecting all connected services such as Facebook and Twitter.  While many don’t use the service anymore because Twitter has its own URL shortener built in.  Many still use it as a way to customize their URls to their own domain or to keep track of how many users clicked their links.

Bitly also wants you to reset API connections;

Following are step-by-step instructions to reset your API key and OAuth token:

1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’

The company didn’t outline how the attack occurred but this is just a slew of online attacks on social websites. With more and more people going online the availability of users information is at a hackers fingertips, and more often than not they will get away with it. Bitly appears to have altered users in a timely fashion and corrected the security holes, but others have not handled these situations well.

The best defense is to use different unique passwords for each site along with two-step authentication which is now being offered on more and more sites. If

Source :

Bitly Blog

Comments