Bitly, the web-link shortening service, used by millions of people to make long links into shorter ones in order to share them on social media, has warned that user account credentials may have been compromised.
The company said it had disconnected user accounts from automatically posting to Facebook and Twitter.
Bitly’s chief executive Mark Josephson wrote: “The team has been working hard to ensure all accounts are secure.”
He published a blog post outlining steps users were advised to take:
“We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens. We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login.
We are recommending all Bitly users make these changes. Please take the following steps to secure your account: change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts.
We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles.
Following are step-by-step instructions to reset your API key and OAuth token:
1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.
2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’
3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.
4) Go to the ‘Profile’ tab and reset your password.
5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’
We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all user data going forward.
If you’re experiencing any trouble with the Bitly iPhone app, please update to the latest version found here. We have expedited an update to address any issues.
If you have account-specific questions, you can reach us at support@bitly.com.
We take your security and trust in us seriously. The team has been working hard to ensure all accounts are secure. We apologize for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates.
Launched in 2008, Bitly is based in New York.
CDL welcomes new Head of Professional Services 
£9.5 million fund launched to tackle digital divide 
Trafford & Stockport College Group invite businesses to explore emerging technologies