Facebook, Twitter users warned as Bitly shortener services hacked

In a blog post, Bitly CEO Mark Josephson particularly urged Bitly users who have Twitter or Facebook accounts connected to their Bitly accounts to take security precautions.

 

"We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens," Josephson said.

 

He recommended that all Bitly users "change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts."

 

For now, he said all Bitly users can safely reconnect these accounts at their next login.

 

However, there is no evidence at this time that any Bitly account had been accessed without permission.

 

Bitly has disconnected all users’ Facebook and Twitter accounts and taken other steps "to ensure the security of all accounts."

 

Bitly has also invalidated all credentials within Facebook and Twitter.

 

"Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles," Josephson said.

 

He added Bitly has taken "proactive measures to secure all paths that led to the compromise and ensure the security of all user data going forward."

 

Josephson also urged users of the Bitly app for iPhone to upgrade to the newest version.

 

Bitly users with account-specific questions may email support@bitly.com.

 

— Joel Locsin/ELR, GMA News