Bitly, a URL shortening service issued an ‘urgent security update’ on Thursday that users’ accounts credentials had been compromised.
In an official blog post Mark Josephson, CEO, Bitly said, “We have reason to believe that Bitly account credentials have been compromised. We have no indication at this time that any accounts have been accessed without permission.”
The URL shortening service, in says it has taken “proactive steps to ensure the security of all accounts,” including disconnecting all Facebook and Twitter accounts and invalidating all credentials. However, Bitly noted that users can reconnect their accounts with their Facebook and Twitter accounts during their next login.
Further, Bitly requested all its users to change their API key and OAuth token; reset password, and reconnect Facebook and Twitter accounts.
osephson added, “We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all account credentials going forward. [..] We apologize for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates.”
Bitly first reported about the possible account breach on Twitter and said, “We suspect Bitly account credentials have been compromised. Please take action now.”
Notably, the URL shortening service has declined to give more details about the probable breach, as noted by multiple media reports and has pointed to its official blog post and Twitter account for future updates.