50 million Evernote passwords hacked


Cloud-based note taking and archiving service Evernote was forced to issue password reset instructions for no less that 50 million of its users following a security breach on Saturday.

“Evernote operations and security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote service,” a blog by David Engberg, the company’s CTO said. “As a precaution to protect you data, we have decided to implement a password reset.”

Engberg said there was no evidence any of the data stored by free service users was “accessed, changed or lost” nor was there any indication that payment information for Evernote Premium or Evernote Business customers compromised.

The incident comes just after Dropbox, another cloud-storage firm, reported suspicious activity in its site last week. In recent weeks other firms, including Apple, Facebook and Microsoft suffered security breaches.


Video: Evernote, Moleskin, Spero, Parrot Zik
Drobox for Windows 8 a mixed blessing

Evernote is a suite of cloud-based software and services designed for note taking and archiving. User can store formatted text, full Web pages or Web page excerts, photographs, voice memo or hand written notes in the company’s servers either for free or by using any of the firm’s paid services.

Those responsible for the breach,  Engberg said, were able to gain access to Evernote user information, which includes user names, email addresses associated with Evernote accounts and encrypted passwords.

“Even though this information was accessed the passwords stored by Evernote are protected by one-way encryption (They are hashed and salted),” he said. “…in an abundance of caution, we are requiring all users to reset their Evernote account passwords.”

Evernote users can create new passwords by clicking on this link




Please enter your comment!
Please enter your name here