Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

Evernote User Passwords have been Compromised

Posted by JenThorpe at 8:55 PM on March 6, 2013

Evernote logoUsers of Evernote were recently sent an email that said that the company had decided to implement a password reset. It required 50 million users to reset their passwords. Why? The answer is the usual one when a company urges users to change their passwords – Evernote got hacked over the weekend.

This explains the difficulties that my husband and I had when we went grocery shopping. He uses Evernote to create grocery lists (instead of writing it down on paper). Usually, this works really well. However, when we got to the store and he tried to open Evernote, it wasn’t functioning as he expected it to. Oh, no! Could hackers be reading our grocery lists? If so, then they must be awfully bored.

The email Evernote sent to its users says:

Evernote’s Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.

It goes on to say that this is the reason why they are implementing a password reset. So, if you opened Evernote today, and wondered why it was asking you to reset your password, now you know. Evernote says that they have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed. It also says:

The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted).

There are helpful suggestions on the Evernote website (where the email it sent to users was posted) that give advice about how to create a more secure password. It also points out that you should not click on “reset password” requests in emails, and should instead go directly to the service itself to do that.

8 Comments

  1. From jules_hotlips at 8:57 pm on March 6, 2013

    Evernote User Passwords have been Compromised: Users of Evernote were recently sent an email that said that th… http://t.co/5rctUo2NCk

  2. From shawno at 8:57 pm on March 6, 2013

    RT @GeekNews: Evernote User Passwords have been Compromised: Users of Evernote were recently sent an email tha… http://t.co/1pO8ENc4bq

  3. From QueenofHaiku at 8:57 pm on March 6, 2013

    RT @GeekNews: Evernote User Passwords have been Compromised: Users of Evernote were recently sent an email tha… http://t.co/1pO8ENc4bq

  4. From imjay07 at 9:06 pm on March 6, 2013

    Evernote User Passwords have been Compromised: Users of Evernote were recently sent an email that said that th… http://t.co/k9xIfFt63T

  5. From LuzieNews at 9:30 pm on March 6, 2013

    Evernote User Passwords have been Compromised http://t.co/RsNTVq87E5

  6. From glupidio at 10:33 pm on March 6, 2013

    RT @GeekNews: Evernote User Passwords have been Compromised: Users of Evernote were recently sent an email tha… http://t.co/1pO8ENc4bq

  7. From March 6 – 8, 2013 | Stuff Jen Wrote at 10:32 pm on March 8, 2013

    [...] Evernote Users Passwords have been Compromised Evernote users – it’s time to change your password. I wrote this for Geek News [...]

  8. From T.R.I.P. Episode 51 – For The Giggles | Two Rambling Idiots Podcast at 7:36 pm on March 9, 2013

    [...] Evernote User Passwords have been Compromised [...]