Bitly has issued a security warning that will hopefully prompt users to take action. The post on the Bitly blog mentions they have “reason to believe that Bitly account credentials have been compromised.” For reference, the credentials could include user email addresses, encrypted passwords, API keys and OAuth tokens.
On the plus side, Bitly did mention how they “have no indication at this time that any accounts have been accessed without permission.” Basically, account credentials may have been compromised, but no accounts are believed to have been accessed (yet). Having said that, there is some action Bitly users should take.
Users that had a Facebook or Twitter account connected will have to re-validate. Bitly offered the following advise;
“We are recommending all Bitly users make these changes. Please take the following steps to secure your account: change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts.”
And for those not sure what some (or all) of that means should follow the source link at the bottom of the post for step-by-step directions. Naturally, one of those steps mentions changing your password. You may also want to change your password on other services if they were using the same credentials as your now (potentially) compromised Bitly account.