Change your passwords as URL shortener Bit.ly gets hacked

Change-your-passwords-URL-shortener-Bitly-gets-hackedHello and Assalamo Alaikum,

Recently I came to know about Bit.ly account credentials may have been compromised. I personally never used this URL shortener service but many people do as I just checked their Alexa Traffic Rank is just 290 which is really good in terms of traffic to their domain. It was a shock to see such a big site getting their user’s data compromised somehow. But things look better and hopefully they will take the necessary steps in order to keep thing completely safe and secure.

If you guys have an account with them I strongly recommend you to change the password. Complete detail on what’s going on right now and what steps to follow for securing your account are here:

Also I will copy the message from the above link:

UPDATE #4 – MAY 11 at 11:33AM EDT: We are sending an email to all users from the domain bitlysupport.com outlining the steps to secure your account.  If you have already followed the steps to secure your account, you do not need to do so again.

UPDATE #3 – MAY 9 at 2:45PM EDT: We have updated this post to address questions regarding the Bitly iPhone app.

UPDATE #2 – MAY 9 at 10:30AM EDT:  We have updated this post to explain what specifically was compromised and we’re encouraging all of our users to secure their Bitly accounts by following the recommendations listed below.

UPDATE #1 – MAY 8 at 8:32PM EDT: We have updated the section of this post regarding users who have Twitter or Facebook accounts connected to their Bitly accounts.

We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens. We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login.

We are recommending all Bitly users make these changes. Please take the following steps to secure your account: change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts.

We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles.

Following are step-by-step instructions to reset your API key and OAuth token:

1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’

We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all user data going forward.

If you’re experiencing any trouble with the Bitly iPhone app, please update to the latest version found here.  We have expedited an update to address any issues.

If you have account-specific questions, you can reach us at support@bitly.com.

We take your security and trust in us seriously. The team has been working hard to ensure all accounts are secure.  We apologize for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates.

Thank you.

Mark Josephson
CEO, Bitly”

Security is always a concern on internet and we must make sure to keep our passwords a combination of letters, special characters and numbers. Also try to keep different passwords for all the sensitive and important sites you think are for yourself.

Like this Article? Subscribe to Our Feed!

You can leave a response, or trackback from your own site.

2
Leave a Reply

avatar
1 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
AbdulBasitHassan Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Hassan
Guest
Hassan

I don’t use this url shortening service very much but as I have an account at bit.ly, I received the same email few days ago.

Thank you for the update, your blog is worth reading every post of it. And thanks for helping out a new learner in the domaining world.