Bitly users urged to change passwords

Posted on: May 13, 2014 | By: Christina Bonds | Filed under: Info Security, Passwords

bitly_logoIf you are a Bitly user you should be aware Bitly has had a data compromise.  On May 8th Bitly CEO Mark Josephson announced the breach in a blog post with minimal details stating, “We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens.”

What is Bitly?

Bitly is a URL shortening service.   Even if you don’t have a Bitly account you have probably seen a Bitly URL especially when using social media due to the character limitations.  With a Bitly account you can enter a long website address and Bitly will return a shortened address that will redirect to the website when clicked.  Bitly can also be used as a marketing tool for organizations wanting to track how many clicks their webpages are generating.  To make sharing easier Bitly offers the ability to log in using a Facebook or Twitter login.

What should I do if I have a Bitly account?

If you have a Bitly account log in and change your password.  Remember to use a unique password that has not been used for other accounts.  If you use the feature of Bitly which allows you to log in using a social media account you will want to change those passwords as well.  Although Bitly cannot confirm if credentials have been illegally accessed it is still a best practice to change passwords once a data breach has been identified.  Read the entire blog post and its updates here.  It has detailed steps you should perform to change your account credentials.

Image credit

Christina Bonds

Christina Bonds, CISSP, is an Application Developer at Elon University

More Posts


Comments are closed.