NPC Seal
We use cookies to ensure you get the best browsing experience. By continued use, you agree to our privacy policy and accept our use of such cookies. For further information, click FIND OUT MORE.
I AGREE FIND OUT MORE
x
advertisement
Filtered by: Scitech
SciTech

Evernote resets 50M users' passwords after being hacked


Online note-taking service Evernote over the weekend reset the passwords of some 50 million of its users following a security breach in its system.
 
In a security notice, Evernote said its operations and security "discovered and blocked" the suspicious activity on the Evernote network.
 
"While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new password by signing into your account on evernote.com," it said.
 
Evernote said the breach appeared to have been a "coordinated attempt to access secure areas of the Evernote Service."
 
It said the password reset was a "precaution to protect your data."
 
However, it maintained there was no sign any of the content users stored in Evernote was accessed, changed or lost.
 
There was also no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed, it added.
 
Still, it said its investigation showed those behind the security breached accessed Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords.
 
"Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted)," it said.
 
"As recent events with other large services have demonstrated, this type of activity is becoming more common. We take our responsibility to keep your data safe very seriously, and we're constantly enhancing the security of our service infrastructure to protect Evernote and your content," it added.
 
Evernote also advised users to:
 
- Avoid using simple passwords based on dictionary words
- Never use the same password on multiple sites or services
- Never click on "reset password" requests in emails — instead go directly to the service
 
Evernote also apologized for the inconvenience of having to change passwords, "but, ultimately, we believe this simple step will result in a more secure Evernote experience."
 
A separate article on TechCrunch quoted Evernote CEO and founder Phil Libin as saying everything is running, but servers could be saturated. TechCrunch said Evernote has some 50 million users.
 
“We just pushed out a password reset, so the servers are going to be saturated for a bit ... Everything is up, although response is choppy. There’s no threat to user data that we’re aware of,” he said. TechCrunch also quoted a spokesperson as saying Evernote noticed unusual activity last Feb. 28.
 
"We discovered that a person or persons had gained access to usernames, email addresses and encrypted user passwords. In our ongoing analysis, we have found no evidence that there has been unauthorized access to the contents of any user account or to any payment information of Evernote Premium and Evernote Business customers," it quoted the spokesperson as saying.  — ELR, GMA News
Tags: evernote
LATEST ELEKSYON 2025 RESULTS
News
Voter's Education
Candidates
Find out your candidates' profile
Debates
Find the latest news
Stand on Issues
Find out individual candidate platforms
MyKodigo
Choose your candidates and print out your selection.
Voter's Profile
Voter Demographics
Most Popular