http://www.washingtonpost.com/blogs/the-switch/wp/2014/05/09/link-shortener-bitly-disconnects-users-facebook-and-twitter-accounts-over-compromised-credentials/
By Andrea Peterson
The Washington Post
May 9, 2014
Bitly, a popular service that allows users to create shortened or even
customized URLs, and track how that shortened link is shared over time,
issued a mysterious security update Thursday evening.
In a blog post, CEO Mark Josephson warned the company had "reason to
believe that Bitly account credentials have been compromised." While the
company says that they "have no indication at this time that any accounts
have been accessed without permission," it took the extreme step of
disconnecting the service from all users' Facebook and Twitter accounts.
That's sure to cause a headache for some social media managers -- although
probably less than the one from finding that their social channels were
spewing unauthorized content.
Bitly is urging all users to reset passwords, change the API key and OAuth
token associated with their account that allow the shortener to be tied
into services, such as share buttons or social media management platforms,
and then reconnect the shortener to their Facebook and Twitter accounts.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
