Evernote has this morning announced a rash of suspicious activity and is instituting a service-wide password reset.
In a post this morning on the company blog, team members called the activity “a coordinated attempt to access secure areas of the Evernote service.”
Evernote’s security team says it has found no evidence that user data, including stored content, was accessed. The company also confirmed that payment information for Evernote’s premium services was not compromised.
What the hackers were really after was usernames, email addresses, and passwords. Evernote says the information sought had been encrypted (hashed and salted). Even so, the service is asking its users to change their passwords.
To change yours, go directly to the Evernote site; don’t click on any links in any emails you may receive.
Also, your friendly neighborhood nerds at VentureBeat would encourage you to change your passwords for any accounts that shared the same login information as your Evernote account. Using duplicative login credentials across multiple sites is a big personal Internet security no-no, but we know enough of you do it.
These kinds of hacks are becoming more and more common. To thwart hackers and prevent online or financial identity theft, all us Internet folk should generally not be idiots about passwords, the first line of defense in online security. Get creative with your passwords, or better yet, use password management software such as 1Password.
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more