Bitly website hacked, accounts credentials compromised

[ARMOUR]

Bitly hacked, disconnects Facebook and Twitter accounts

Bitly(bit.ly), the Popular URL shortening service, has issued an urgent security warning about a security breach that exposed account's credentials.

Popular URL shortening service Bitly has issued a security warning saying that it suspects that user account credentials have been compromised. To protect its users, the service has disconnected Facebook and Twitter accounts of all its users and they can safely reconnect the accounts at next login.

"We have no indication at this time that any accounts have been accessed without permission," said Mark Josephson, CEO of the company. "We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles," he added.

Bitly has also advised users to change their API keys and OAuth tokens, reset their password, and reconnect Facebook and Twitter accounts.

Users are advised to take the following steps to reset their OAuth tokens and API Keys:

1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’

SOURCE : Bitly Blog

[Diego T.]

Heartbleed?