Bitly, the link shortening service, came up short on security. Bitly CEO Mark Josephson took to the company’s blog to discuss the security breach.
“We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens,” Josephson wrote in a blog post.
Bitly recommends all of its users change their API key and OAuth token plus reset passwords and reconnect Facebook and Twitter profiles.
They list the steps you need to take over at their blog post. I’ll also list it below.
Following are step-by-step instructions to reset your API key and OAuth token:
1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.
2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’
3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
4) Go to the ‘Profile’ tab and reset your password.
5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’
Bitly has been proactive following the security breach and has taken “measures to secure all paths that led to the compromise and ensure the security of all user data going forward.”
Josephson finishes up his post with an apology. “We take your security and trust in us seriously. The team has been working hard to ensure all accounts are secure. We apologize for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates.”