Bitly attack

Popular URL shortening service Bitly has warned that it suspects its systems may have been breached by unauthorised parties, which possibly compromised user account credentials.

While the company does not have any clear evidence of unauthorised access to any account, it is still taking necessary measures to safeguard user accounts.

It has now disconnected users' Facebook and Twitter accounts to avoid any further exposure to their account data.

"We invalidated all credentials within Facebook and Twitter", said the company in a blog post.

"Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles."

Users should take the following steps to reset their OAuth tokens, API keys, passwords and then reauthorise connected applications:

1) Log in to your account and click on 'Your Settings,' then the 'Advanced' tab.

2) At the bottom of the 'Advanced' tab, select 'Reset' next to 'Legacy API key.'

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the 'Profile' tab and reset your password.

5) Disconnect and reconnect applications that use Bitly. You can check which accounts are connected under the 'Connected Accounts' tab in 'Your Settings.

The company went on to announce that it had taken several "proactive measures" to block the breach and safeguard user data.

When contacted for additional information on the issue by TNW, the company declined to offer any, simply redirecting the publication to the blog post.