Link-shortening service, Bitly, has been compromised or possibly hacked. This means anyone who has an account should update their password, however Bitly is on top of the issue.
The scare surfaced last Thursday and Bitly has commented on the issue, saying it has been resolved as long as you reconnect following Bitly's security recommendations.
"We have reason to believe that Bitly account credentials have been compromised; specifically, users' email addresses, encrypted passwords, API keys and OAuth tokens," says Bitly on in its blog. "We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users' Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login."
Bitly has disconnected user accounts to their social media accounts, from Twitter and Facebook specifically. The company encourages users to reconnect their accounts only after changing their passwords, API keys, and Oauth tokens.
"Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles," Bitly says in its blog.
To reset the API key and Oauth token, users should log into their accounts and click on "Your Settings." Then go into the "Advanced" tab and select "Reset" next to "Legacy API key." Finally, they should copy the API key and change it in all apps they use - including social media, share buttons and mobile apps connected with Bitly.
Besides the note on its blog, Bitly also updated its user base through Twitter about the issue and compromise that occurred. It is good to see a company use multiple methods of reaching out to its customers, especially about such an important issue like accounts being compromised.
The good thing is that only those who have Bitly accounts are at risk. Web users who just clicked on Bitly's links shouldn't be affected by this compromise at all - at least that's what Bitly told Mashable.
