Bitly User Credentials Compromised from Offsite Database Backup

According to an official statement from the company’s CEO, Bitly Users account credentials on URL shortening service have been compromised.

For users who have connected their Facebook or Twitter accounts to the service, they need to re-connect their account at the next login.

The scare surfaced last Thursday and Bitly has commented on the issue, saying it has been resolved as long as you reconnect following Bitly's security recommendations.

"We have reason to believe that Bitly account credentials have been compromised; specifically, users' email addresses, encrypted passwords, API keys and OAuth tokens," says Bitly on in its blog. 

"We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users' Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login."

Bitly says it is sending an email to “all users from the domain bitlysupport.com outlining the steps to secure your account”. 

The fact that they have named the domain they are planning to send the warning email from underlines their concern that the hackers might attempt their own malicious campaigns, targeting customers who have had their accounts exposed through the hack.

Two-factor authentication isn’t a magical solution which will stop all online criminal activity, but it certainly makes life harder for the hackers who want to break into your accounts.

Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter