Evernote Hacking News: Evernote passwords Evernote reset to protect user data, according to the company, which found a coordinated hack attempt.
Evernote was hacked, the notetaking website admitted today, with account passwords, emails, and other information compromised.
“Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network,” said the company’s blog this morning without ever using the word “hack.”
“[It] appears to have been a coordinated attempt to access secure areas of the Evernote Service.”
As a result of the hack attempt, Evernote has implemented a password reset “as a precaution” to protect user data.
The Evernote hacking is the latest in a series of data retrieving attempts. Notably, Valve's Steam forum hacking
and the infamous PlayStaion Network hack
has affected gamer and tech services in the past.
Evernote hack didn’t take content
The good news is that while these Evernote hackers were able to access usernames, email addresses, and passwords, there is no evidence that they stole Evernote content.
“We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed,” said Evernote.
Better news is that the stolen Evernote passwords were encrypted - hashed and salted, as the company said in technical terms.
Evernote password reset process
That being said, Evernote is requiring users to create new passwords by signing into their account.
“After signing in, you will be prompted to enter your new password. Once you have reset your password on evernote.com, you will need to enter this new password in other Evernote apps that you use,” instructs the notetaking website.
“We are also releasing updates to several of our apps to make the password change process easier, so please check for updates over the next several hours.”
Evernote also listed obvious, but helpful ways to protect your account in the future: avoid using simple passwords based on dictionary words, never use the same password for multiple sites, and never click on “reset password” requests in emails. Instead go directly to the site.