Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Bitly
By Bla1ze on 8 May 2014 09:04 pm EDT
6
loading...
0
loading...
48
loading...

If you've ever created an account for the url shortening service Bitly before, you'll want to listen up. Bitly has now announced via their blog that they have reason to believe that Bitly account credentials have been compromised and are suggesting users change their API keys and OAuth tokens.

We have reason to believe that Bitly account credentials have been compromised. We have no indication at this time that any accounts have been accessed without permission. For our users' protection, we have taken proactive steps to ensure the security of all accounts, including disconnecting all users' Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login.

Needless to say, there is a ton of apps and services out there that make use of Bitly so this is something you're going to want to act on as soon as possible if it applies to you. You can head on over to the Bitly blog for the full details and instructions on how to get it all sorted out.

Source: Bitly

33 comments

TightDebbie

One more reason to keep using a BlackBerry. Security.

Posted via CB10

Observation Junkie

Lol

 Posted by the Crackberry Pirate 

TightDebbie

Never mind what? Keep the sarcasm to yourself. Thank you.

Posted via CB10

jcarlos100

Lol just dont

Posted via CB10

Pete The Penguin

Bla1ze wasn't being sarcastic. He was simply experience frustration toward the first comment.

That person obviously think owning a BlackBerry makes you immune from all security threats. It doesn't.

The Bitly breach has nothing to do with BlackBerry.

bspence87

Well said Bla1ze. I have as many words as you.

mjdimer

I think Tight Debbie is referring to the fact that we're hearing more and more about services being hacked, not necessarily just a url shortener - so using a BlackBerry has a certain peace of mind here. Unfortunately (for BlackBerry) security just isn't high up on the needs list of buyers.

After all, if this post isn't relevant to blackberry at all... why is it posted on Crackberry?

Posted via CB10

iBuilder

Using a BlackBerry won't protect anyone from this type of situation. Also reporting on CB is getting the word out about the problem.

Posted via CB10

Bla1ze

Because there is several apps that actually make use of Bitly on BlackBerry and if you're using any of those apps, using a BlackBerry doesn't help you one single bit. You should still be changing your passwords and such for the services as noted in the article, IF it applies to you.

Pete The Penguin

Thanks for the article, Bla1ze. It's appreciated.

Koepman

Blaize is one of the cool kids.... he thinks.

Visit my Channel C00121417 

ggastaris

So it's been compromised but not compromised. Dumb

huungryshark

Yeah, with BlackBerry this would've never happend. Always use BlackBerry as URL shortender.always always always.

RedBerry Z10 Limited Edition #00167

coldfir3

Lmao dkm

Posted via CB10

qwerty4ever

Unfortunately a lot of people already think of BlackBerry as a means of shortening their "mobile computing experience." BlackBerry - short their stock price, short on applications, short on features, short battery life, etc. So I suppose we shouldn't be shocked when someone mistakenly claims BlackBerry is a URL shortener. < /sarcasm >

Posted via CB10 on BlackBerry Q5

Omnitech

http://imgur.com/GVunmQH

I don't normally use URL shorteners, but when I do..

Xandrex_BSCF

File not found !

Posted via CB10

Omnitech

Just tested it again, works fine here.

Maybe your ISP is blocking imgur.com or something.

Signhere

Thank you BlackBerry for saving us!

Posted via CB10

Soul_Est

Just as I finished resecuring all of my accounts after HeartBleed. Thankfully, it's just Bitly. I do hope that the Internet Archive wasn't affected by this.

BlueStreak67

If only Bit.ly was using BlackBerry's none of this would have ever happened!

Posted via CB10

ErnieH

Why does anyone create an account in Bit.ly? Looks like you can use it just by entering a url.

Xandrex_BSCF

Because people sometimes want to do more than simply shorten a URL.

Using an account allows customization, history, and even stats and branding as well as other paid features.

Posted via CB10

SparkyBC

The less services people use the better. No data is 100% safe not even on this site...

I trust all companies with my data like a bucket full of water and holes!

Prem WatsApp

I find URL shorteners a bit suspicious. Could be a direct link to a malware payload or a laced website. How would you prevent that? Same with QR codes.

"No Q10?" -> "Buy from Chen... "

Xandrex_BSCF

Yes they are suspicious.

You have two ways against that:

1) after the redirection : have secure applications that are able to handle those Malware sites (ie Firefox or the BlackBerry browser)

2) before applying the redirection, have the recipient app of that short link/qr-code resolve it and display it before asking if the user wants to open it (the NFC app does that already both for QR-Code and for NFC, as well as the Twitter website)

And the third solution: don't click.

Posted via CB10

Omnitech

There are other solutions.

I use tinyurl.com. They are trustworthy, they have been around forever. One of the first URL shortening services on the web.

They have a feature where all you do is prepend "preview." to the URL (ie "http://preview.tinyurl.com/xyz123") and before the service redirects the browser, it displays a page on their site that shows what the destination URL is. Only when the person then clicks something to OK that, are they redirected to that destination page.

Midgeone25

I agree with Prem we don't know where we being sent

Tapping and flicking on my Zed 10

NOKJAA

Thanks for the heads up! I just posted on LinkedIn and on Twitter #bitly #Security #Update #Urgent #Twitter #DataBreach #Privacy

- Sent from my BlackBerry | Q10 -

spookyentertainment

Cool

Posted via cb10 Www.youtube.com/spookyentertainment