Popular URL shortening service Bitly has issued a security warning saying that it suspects that user account credentials have been compromised. To protect its users, the service has disconnected Facebook and Twitter accounts of all its users and they can safely reconnect the accounts at next login.”We have no indication at this time that any accounts have been accessed without permission,” said Mark Josephson, CEO of the company. “We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles,” he added.Bitly has also advised users to change their API keys and OAuth tokens, reset their password, and reconnect Facebook and Twitter accounts.
To reset the API key and OAuth token, users need to login and go to ‘Ypur Settings,’ click on the ‘Advanced’ tab and select ‘Reset’ next to ‘Legacy API key.’ Users can note down their new API key and change it in all connected applications including social publishers, share buttons and mobile apps.