Evernote hacked, recommends users change passwords now

article thumbnail

Popular note taking service Evernote has instituted a service-wide password reset for all members, revealing that there had been suspicious activity on its network that looked like a hacking attempt.

Evernote recommends users log into Evernote.com to reset their passwords.

In a blog post on Saturday, it was revealed that Evernote's Operations & Security team had seen activity pointing toward a coordinated attempt at accessing secure features of the service. A subsequent investigation showed no signs that user content had been accessed, changed, or lost. There were also no signs that payment information for any customers had been accessed.

The hackers were able, though, to access Evernote user information, including usernames, email addresses associated with accounts, and encrypted passwords. The passwords stored by Evernote feature one-way encryption, meaning they are both hashed and salted.

Evernote now requires users to create a new password by signing into their accounts on evernote.com. Upon resetting their passwords, users will have to sign in using that password on any other Evernote apps they use.


Latest News