Popular link-shortening and tracking service Bit.ly learned this past Thursday that Bit.ly account credentials may have been compromised, specifically user email addresses and passwords, API keys and OAuth tokens. Fortunately, the team at Bitly is on top of the issue.
Yesterday, the service sent an email to users with instructions on how to secure their accounts. In a move to protect their users, Bitly’s security team invalidated all credentials connected to Facebook and Twitter. According to Mark Josephson, CEO of Bitly, they’ve already taken measures to make sure all paths that led to the compromise of users’ data have been secured.
Following are the step-by-step instructions posted on the Bitly.com blog to reset your API key and OAuth token:
- Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.
- At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’
- Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
- Go to the ‘Profile’ tab and reset your password.
- Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’
Regarding your connected Facebook and Twitter, all you have to do is reconnect your accounts the next time you log in those services. If you are using Bitly for iPhone, you will need to update your app to the latest version.
In the wake of this serious breach of security, Bitly has not only enforced two-factor authentication on all third party services company-wide (yay!), they’ve taken steps to speed up their work on development of a two-factor authentication for bitly.com (double yay). Other changes have been made on their end, and if you’re interested in that, you can get more information on their blog, but these are the changes we’re most excited about. Strong passwords and two-factor authentication will go a long way toward keeping people safe.
The fixes we have stated here are simple and easy and if you’re a bitly.com user, we recommend you implement these now. For additional updates, please follow @Bitly on Twitter and/or subscribe to their blog.
Other resources on this topic:
How Social Networks Facilitate Identity Theft and Fraud
The Secret to Password Security Could Lie in Your Social Network
photo credit: marsmet549 via photopin cc
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years’ experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging develoment, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly’s coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”