The link-shortening service bit.ly has issued a warning to its users recommending they change their account details following a hacking of the company.
The firm has said that there’s no evidence any accounts have been accessed, but it’s taken proactive steps to make sure the accounts have been secured. Facebook and Twitter accounts that linked to bit.ly ones have been disconnected. bit.ly has advised its users to change their API key and OAuth tokens, and reset their passwords, then reconnect any Facebook or Twitter accounts that have been disconnected.
In addition, the company has set out a step-by-step guide to ensure account security:
- Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.
- At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’
- Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
- Go to the ‘Profile’ tab and reset your password.
- Disconnect and reconnect any applications that use bit.ly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’
No specifics have been released as to how hackers accessed bit.ly’s systems, but CEO Mark Johnson said in a blog post, “We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all account credentials going forward.” He added that any future updates would be posted on the company’s Twitter feed.