Evernote Reports Hacker Security Breach, Change Passwords Now

Another day, another security breach. This time it’s Evernote, the popular cloud-based “remember everything” service whose product offerings have increased substantially recently to include business-oriented tools.

According to a post on Evernote’s website, the company spotted some suspicious activity: “Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.”

Evernote password change

Because of the breach, the company recommends that all users reset their passwords. Evernote says it will make this process a bit easier by updating several of its apps, and it posted some pro tips for password and account security; really, everyone should know these by now, but here they are:

-Avoid using simple passwords based on dictionary words
-Never use the same password on multiple sites or services
-Never click on 'reset password' requests in emails — instead go directly to the service

Although the hacker(s) did gain access to some Evernote usernames, email addresses, and passwords, apparently no payment information was compromised, and the passwords were all hashed and salted.

Now if you’ll excuse us, we have to change our passwords, too.
Via:  Evernote
Comments
3vi1 one year ago

>> and the passwords were all hashed and salted.

Nothing to see here, move along.

I'm not even going to change mine. I use unique passwords for every site, so if they crack mine (which they shouldn't be able to do if they were actually salted)... they have access to a service they already hacked... on which I've only stored a couple of test notes because I don't really see the appeal of the service.

Post a Comment
or Register to comment