When it comes to long URLs, people often choose to shorten them for posting by using a URL shortening service. This is commonly used on Twitter where there is a character limit for tweets, and they are used in numerous other places on the web as well. One URL shortening service site which seems to be a favorite for many users is Bitly, which was launched in 2008. Beginning yesterday, the Bitly site began posting security alerts to make its users aware that they suspect users accounts had been compromised, and a notice posted on their main website page reads, "Bitly users: we suspect account credentials have been compromised. We need you take action to secure your account."

In a posting on the Bitly blog by CEO Mark Josephson, additional details are provided:

"We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens. We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login."

The service is recommending that all users take the necessary steps they provide in an effort to secure accounts. They suggest changing your API key and OAuth token, resetting your password, and then reconnecting your Facebook and Twitter accounts. The blog also states, "We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles."

Any time there's reason to believe user accounts may have been compromised, it's best to do what's recommended. If you suspect any suspicious activity as a result of a compromised account, you should report it to the site as soon as possible.