Data breach leaves Bitly accounts compromised

URL reducer comes up short after malicious attack

Data breaches

Bitly has confirmed its account holders' credentials may have been compromised by a malicious attack.

The website is used by millions of people to shorten links for posting on social media. Account holders link it to their Facebook and Twitter profiles, meaning their social media accounts might now also be at risk.

In a blog post, chief executive Mark Josephson assured readers "the team has been working hard to ensure all accounts are secure."

Bitly said the company has no reason to believe any accounts have been accessed without permission. As a security precaution, however, it has shut down all Facebook and Twitter-connected accounts.

"We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all account credentials going forward," added Josephson.

A step-by-step guide has been posted on the blog, directing users to reset their API keys and security settings. Bitly also advises users to disconnect and reconnect from any applications that use the service and reset their passwords.

The URL service launched its website in 2008 and gained popularity the following year as the default shortening service used on Twitter. The company also offers a paid enterprise solution used by firms The New York Times and Pepsi for their social campaigns.

The company has yet to respond to a request for comment.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021
Identity Automation launches credential breach monitoring service
phishing

Identity Automation launches credential breach monitoring service

5 Oct 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022