Evernote latest hacking victim as 50 million accounts are compromised

The current spate of high profile hacks claimed a new victim as online organisational service, Evernote suffered the compromise of usernames, encrypted passwords and customer email addresses.

The company is requiring close on 50 million users to change their passwords immediately. All passwords have been reset, therefore any user attempting to log into the service will be obliged to go through the process of setting a new password.

Evernote – which is sort of like an online Filofax (or personal organiser for those on whom the 80’s icon is lost on) emailed all customers about the breach. Their security team discovered and blocked "suspicious activity on their network that appears to have been a coordinated attempt to access secure areas" of the Evernote service, the company said. Investigations into the extent of the damage, let alone any hint of who the culprits may be are still ongoing, but the company are sure that login data has been affected.

Evernote insist that despite passwords being hacked, the company’s use of "one-way encryption" (hashed and salted) to protect data would have limited the depth of the hack. The company also said there was no evidence at the time that payment card details or actual stored content had been exposed.

"As a precaution to protect your data, we have decided to implement a password reset," Evernote said, noting the decision reflected an "abundance of caution."

Evernote allows people to make lists, store notes, and organize personal information such as video clips, images, Web pages, and itineraries stored in the cloud.

Evernote also reminded users to never click on "reset password" links in email so as to avoid phishing scams and further personal data grabs. This warning came as they sent out a password reset email with a host of embedded links within it – perhaps ringing slight alarm bells in their response to the crisis.

United Kingdom - Excite Network Copyright ©1995 - 2022