Bitly gets hacked, prompts password reset for all accounts

bitlylogo
Bitly

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

URL shortening service Bitly has reset all user passwords in response to being hacked.

“We have reason to believe that Bitly account credentials have been compromised,” Bitly wrote in a blog post. “We have no indication at this time that any accounts have been accessed without permission.”

Bitly didn't give any details on how the attack occurred, and didn't say if any other information was stolen besides account credentials. The company says it has taken “proactive measures to secure all paths that led to the compromise.”

In addition to resetting all passwords, Bitly has also invalided all Twitter and Facebook credentials, so publishers will have to reconnect these accounts before posting via Bitly. Users will also have to reset their API keys and OAuth tokens, following the instructions on Bitly's blog.

The compromise doesn't appear to affect people who don't sign into Bitly, and are only using it as a basic link-shortening service. But it does affect registered users who take advantage of tools like saved links, stat tracking and social network sharing. The attack will mainly cause headaches for website publishers who use Bitly to share and track story links.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
  
Shop Tech Products at Amazon